summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/common/compat.c24
-rw-r--r--src/or/connection.c28
-rw-r--r--src/or/dirserv.c37
-rw-r--r--src/or/dirserv.h3
-rw-r--r--src/or/microdesc.c27
-rw-r--r--src/or/nodelist.c2
-rw-r--r--src/tools/tor-fw-helper/README2
7 files changed, 62 insertions, 61 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index 27a3ece5ba..10c43416bf 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1603,15 +1603,23 @@ get_max_sockets(void)
* tell Tor it's allowed to use. */
#define ULIMIT_BUFFER 32 /* keep 32 extra fd's beyond ConnLimit_ */
-/** Learn the maximum allowed number of file descriptors, and tell the system
- * we want to use up to that number. (Some systems have a low soft limit, and
- * let us set it higher.)
+/** Learn the maximum allowed number of file descriptors, and tell the
+ * system we want to use up to that number. (Some systems have a low soft
+ * limit, and let us set it higher.) We compute this by finding the largest
+ * number that we can use.
*
- * We compute this by finding the largest number that we can use.
- * If we can't find a number greater than or equal to <b>limit</b>,
- * then we fail: return -1.
+ * If the limit is below the reserved file descriptor value (ULIMIT_BUFFER),
+ * return -1 and <b>max_out</b> is untouched.
*
- * Otherwise, return 0 and store the maximum we found inside <b>max_out</b>.*/
+ * If we can't find a number greater than or equal to <b>limit</b>, then we
+ * fail by returning -1 and <b>max_out</b> is untouched.
+ *
+ * If we are unable to set the limit value because of setrlimit() failing,
+ * return -1 and <b>max_out</b> is set to the current maximum value returned
+ * by getrlimit().
+ *
+ * Otherwise, return 0 and store the maximum we found inside <b>max_out</b>
+ * and set <b>max_sockets</b> with that value as well.*/
int
set_max_file_descriptors(rlim_t limit, int *max_out)
{
@@ -1668,7 +1676,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
}
/* Set the current limit value so if the attempt to set the limit to the
* max fails at least we'll have a valid value of maximum sockets. */
- max_sockets = (int)rlim.rlim_cur - ULIMIT_BUFFER;
+ *max_out = max_sockets = (int)rlim.rlim_cur - ULIMIT_BUFFER;
rlim.rlim_cur = rlim.rlim_max;
if (setrlimit(RLIMIT_NOFILE, &rlim) != 0) {
diff --git a/src/or/connection.c b/src/or/connection.c
index 2cca6e4cf9..ac36578069 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -4206,34 +4206,6 @@ connection_write_to_buf_impl_,(const char *string, size_t len,
conn->outbuf_flushlen += buf_datalen(conn->outbuf) - old_datalen;
} else {
conn->outbuf_flushlen += len;
-
- /* Should we try flushing the outbuf now? */
- if (conn->in_flushed_some) {
- /* Don't flush the outbuf when the reason we're writing more stuff is
- * _because_ we flushed the outbuf. That's unfair. */
- return;
- }
-
- if (conn->type == CONN_TYPE_CONTROL &&
- !connection_is_rate_limited(conn) &&
- conn->outbuf_flushlen-len < 1<<16 &&
- conn->outbuf_flushlen >= 1<<16) {
- /* just try to flush all of it */
- } else
- return; /* no need to try flushing */
-
- if (connection_handle_write(conn, 0) < 0) {
- if (!conn->marked_for_close) {
- /* this connection is broken. remove it. */
- log_warn(LD_BUG, "unhandled error on write for "
- "conn (type %d, fd %d); removing",
- conn->type, (int)conn->s);
- tor_fragile_assert();
- /* do a close-immediate here, so we don't try to flush */
- connection_close_immediate(conn);
- }
- return;
- }
}
}
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 0a15332163..072a3390da 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -244,7 +244,8 @@ dirserv_load_fingerprint_file(void)
* If the status is 'FP_REJECT' and <b>msg</b> is provided, set
* *<b>msg</b> to an explanation of why. */
uint32_t
-dirserv_router_get_status(const routerinfo_t *router, const char **msg)
+dirserv_router_get_status(const routerinfo_t *router, const char **msg,
+ int severity)
{
char d[DIGEST_LEN];
@@ -263,7 +264,8 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg)
if (msg) {
*msg = "Ed25519 identity key or RSA identity key has changed.";
}
- log_warn(LD_DIR, "Router %s uploaded a descriptor with a Ed25519 key "
+ log_fn(severity, LD_DIR,
+ "Descriptor from router %s has an Ed25519 key, "
"but the <rsa,ed25519> keys don't match what they were before.",
router_describe(router));
return FP_REJECT;
@@ -272,7 +274,8 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg)
/* No ed25519 key */
if (KEYPIN_MISMATCH == keypin_check_lone_rsa(
(const uint8_t*)router->cache_info.identity_digest)) {
- log_warn(LD_DIR, "Router %s uploaded a descriptor with no Ed25519 key, "
+ log_fn(severity, LD_DIR,
+ "Descriptor from router %s has no Ed25519 key, "
"when we previously knew an Ed25519 for it. Ignoring for now, "
"since Tor 0.2.6 is under development.",
router_describe(router));
@@ -299,7 +302,7 @@ dirserv_would_reject_router(const routerstatus_t *rs)
res = dirserv_get_status_impl(rs->identity_digest, rs->nickname,
rs->addr, rs->or_port,
- NULL, NULL, 0);
+ NULL, NULL, LOG_DEBUG);
return (res & FP_REJECT) != 0;
}
@@ -308,13 +311,13 @@ dirserv_would_reject_router(const routerstatus_t *rs)
* (hex, no spaces), nickname, address (used for logging only), IP address, OR
* port and platform (logging only) as arguments.
*
- * If should_log is false, do not log messages. (There's not much point in
+ * Log messages at 'severity'. (There's not much point in
* logging that we're rejecting servers we'll not download.)
*/
static uint32_t
dirserv_get_status_impl(const char *id_digest, const char *nickname,
uint32_t addr, uint16_t or_port,
- const char *platform, const char **msg, int should_log)
+ const char *platform, const char **msg, int severity)
{
uint32_t result = 0;
router_status_t *status_by_digest;
@@ -322,10 +325,9 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
if (!fingerprint_list)
fingerprint_list = authdir_config_new();
- if (should_log)
- log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.",
- strmap_size(fingerprint_list->fp_by_name),
- digestmap_size(fingerprint_list->status_by_digest));
+ log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.",
+ strmap_size(fingerprint_list->fp_by_name),
+ digestmap_size(fingerprint_list->status_by_digest));
/* Versions before Tor 0.2.4.18-rc are too old to support, and are
* missing some important security fixes too. Disable them. */
@@ -350,23 +352,22 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
}
if (authdir_policy_badexit_address(addr, or_port)) {
- if (should_log)
- log_info(LD_DIRSERV, "Marking '%s' as bad exit because of address '%s'",
+ log_fn(severity, LD_DIRSERV,
+ "Marking '%s' as bad exit because of address '%s'",
nickname, fmt_addr32(addr));
result |= FP_BADEXIT;
}
if (!authdir_policy_permits_address(addr, or_port)) {
- if (should_log)
- log_info(LD_DIRSERV, "Rejecting '%s' because of address '%s'",
+ log_fn(severity, LD_DIRSERV, "Rejecting '%s' because of address '%s'",
nickname, fmt_addr32(addr));
if (msg)
*msg = "Authdir is rejecting routers in this range.";
return FP_REJECT;
}
if (!authdir_policy_valid_address(addr, or_port)) {
- if (should_log)
- log_info(LD_DIRSERV, "Not marking '%s' valid because of address '%s'",
+ log_fn(severity, LD_DIRSERV,
+ "Not marking '%s' valid because of address '%s'",
nickname, fmt_addr32(addr));
result |= FP_INVALID;
}
@@ -422,9 +423,9 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
int complain, int *valid_out)
{
/* Okay. Now check whether the fingerprint is recognized. */
- uint32_t status = dirserv_router_get_status(ri, msg);
time_t now;
int severity = (complain && ri->contact_info) ? LOG_NOTICE : LOG_INFO;
+ uint32_t status = dirserv_router_get_status(ri, msg, severity);
tor_assert(msg);
if (status & FP_REJECT)
return -1; /* msg is already set. */
@@ -734,7 +735,7 @@ directory_remove_invalid(void)
uint32_t r;
if (!ent)
continue;
- r = dirserv_router_get_status(ent, &msg);
+ r = dirserv_router_get_status(ent, &msg, LOG_INFO);
router_get_description(description, ent);
if (r & FP_REJECT) {
log_info(LD_DIRSERV, "Router %s is now rejected: %s",
diff --git a/src/or/dirserv.h b/src/or/dirserv.h
index 311a513dbe..8a4e68dcf5 100644
--- a/src/or/dirserv.h
+++ b/src/or/dirserv.h
@@ -84,7 +84,8 @@ int authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
int complain,
int *valid_out);
uint32_t dirserv_router_get_status(const routerinfo_t *router,
- const char **msg);
+ const char **msg,
+ int severity);
void dirserv_set_node_flags_from_authoritative_status(node_t *node,
uint32_t authstatus);
diff --git a/src/or/microdesc.c b/src/or/microdesc.c
index ee48f6a419..051603d327 100644
--- a/src/or/microdesc.c
+++ b/src/or/microdesc.c
@@ -39,8 +39,13 @@ struct microdesc_cache_t {
uint64_t total_len_seen;
/** Total number of microdescriptors we have added to this cache */
unsigned n_seen;
+
+ /** True iff we have loaded this cache from disk ever. */
+ int is_loaded;
};
+static microdesc_cache_t *get_microdesc_cache_noload(void);
+
/** Helper: computes a hash of <b>md</b> to place it in a hash table. */
static INLINE unsigned int
microdesc_hash_(microdesc_t *md)
@@ -113,12 +118,24 @@ static microdesc_cache_t *the_microdesc_cache = NULL;
microdesc_cache_t *
get_microdesc_cache(void)
{
+ microdesc_cache_t *cache = get_microdesc_cache_noload();
+ if (PREDICT_UNLIKELY(cache->is_loaded == 0)) {
+ microdesc_cache_reload(cache);
+ }
+ return cache;
+}
+
+/** Return a pointer to the microdescriptor cache, creating (but not loading)
+ * it if necessary. */
+static microdesc_cache_t *
+get_microdesc_cache_noload(void)
+{
if (PREDICT_UNLIKELY(the_microdesc_cache==NULL)) {
- microdesc_cache_t *cache = tor_malloc_zero(sizeof(microdesc_cache_t));
+ microdesc_cache_t *cache = tor_malloc_zero(sizeof(*cache));
+ tor_malloc_zero(sizeof(microdesc_cache_t));
HT_INIT(microdesc_map, &cache->map);
cache->cache_fname = get_datadir_fname("cached-microdescs");
cache->journal_fname = get_datadir_fname("cached-microdescs.new");
- microdesc_cache_reload(cache);
the_microdesc_cache = cache;
}
return the_microdesc_cache;
@@ -353,6 +370,8 @@ microdesc_cache_reload(microdesc_cache_t *cache)
microdesc_cache_clear(cache);
+ cache->is_loaded = 1;
+
mm = cache->cache_content = tor_mmap_file(cache->cache_fname);
if (mm) {
added = microdescs_add_to_cache(cache, mm->data, mm->data+mm->size,
@@ -697,7 +716,7 @@ microdesc_free_(microdesc_t *md, const char *fname, int lineno)
/* Make sure that the microdesc was really removed from the appropriate data
structures. */
if (md->held_in_map) {
- microdesc_cache_t *cache = get_microdesc_cache();
+ microdesc_cache_t *cache = get_microdesc_cache_noload();
microdesc_t *md2 = HT_FIND(microdesc_map, &cache->map, md);
if (md2 == md) {
log_warn(LD_BUG, "microdesc_free() called from %s:%d, but md was still "
@@ -710,7 +729,7 @@ microdesc_free_(microdesc_t *md, const char *fname, int lineno)
tor_fragile_assert();
}
if (md->held_by_nodes) {
- microdesc_cache_t *cache = get_microdesc_cache();
+ microdesc_cache_t *cache = get_microdesc_cache_noload();
int found=0;
const smartlist_t *nodes = nodelist_get_list();
const int ht_badness = HT_REP_IS_BAD_(microdesc_map, &cache->map);
diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index 8f8adb42b5..2f272a1d56 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -176,7 +176,7 @@ nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out)
if (authdir_mode(get_options()) && !had_router) {
const char *discard=NULL;
- uint32_t status = dirserv_router_get_status(ri, &discard);
+ uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO);
dirserv_set_node_flags_from_authoritative_status(node, status);
}
diff --git a/src/tools/tor-fw-helper/README b/src/tools/tor-fw-helper/README
index 3868cc2e4d..6a1ecaa1e4 100644
--- a/src/tools/tor-fw-helper/README
+++ b/src/tools/tor-fw-helper/README
@@ -1,7 +1,7 @@
We no longer recommend the use of this tool. Instead, please use the
pure-Go version of tor-fw-helper available at
- https://github.com/Yawning/tor-fw-helper
+ https://gitweb.torproject.org/tor-fw-helper.git
Why?
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion