diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/app/config/config.c | 5 | ||||
| -rw-r--r-- | src/app/config/or_options_st.h | 6 | ||||
| -rw-r--r-- | src/core/or/circuitpadding.c | 13 | ||||
| -rw-r--r-- | src/core/or/circuitpadding.h | 11 |
4 files changed, 35 insertions, 0 deletions
diff --git a/src/app/config/config.c b/src/app/config/config.c index 7ad970625a..1c7cb1d577 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -597,6 +597,7 @@ static config_var_t option_vars_[] = { V(ConnectionPadding, AUTOBOOL, "auto"), V(RefuseUnknownExits, AUTOBOOL, "auto"), V(CircuitPadding, BOOL, "1"), + V(ReducedCircuitPadding, BOOL, "0"), V(RejectPlaintextPorts, CSV, ""), V(RelayBandwidthBurst, MEMUNIT, "0"), V(RelayBandwidthRate, MEMUNIT, "0"), @@ -3746,6 +3747,10 @@ options_validate(or_options_t *old_options, or_options_t *options, REJECT("Relays cannot set CircuitPadding to 0. "); } + if (server_mode(options) && options->ReducedCircuitPadding == 1) { + REJECT("Relays cannot set ReducedCircuitPadding. "); + } + if (options->BridgeDistribution) { if (!options->BridgeRelay) { REJECT("You set BridgeDistribution, but you didn't set BridgeRelay!"); diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h index 0fdeb94b4f..4e03bec7fa 100644 --- a/src/app/config/or_options_st.h +++ b/src/app/config/or_options_st.h @@ -253,6 +253,12 @@ struct or_options_t { * disabled. */ int CircuitPadding; + /** Boolean: if true, then this client will only use circuit padding + * algorithms that are known to use a low amount of overhead. If false, + * we will use all available circuit padding algorithms. + */ + int ReducedCircuitPadding; + /** To what authority types do we publish our descriptor? Choices are * "v1", "v2", "v3", "bridge", or "". */ struct smartlist_t *PublishServerDescriptor; diff --git a/src/core/or/circuitpadding.c b/src/core/or/circuitpadding.c index dcd8f645c4..8d2749906b 100644 --- a/src/core/or/circuitpadding.c +++ b/src/core/or/circuitpadding.c @@ -82,6 +82,7 @@ static double circpad_distribution_sample(circpad_distribution_t dist); /** Cached consensus params */ static uint8_t circpad_padding_disabled; +static uint8_t circpad_padding_reduced; static uint8_t circpad_global_max_padding_percent; static uint16_t circpad_global_allowed_cells; static uint16_t circpad_max_circ_queued_cells; @@ -1086,6 +1087,10 @@ circpad_new_consensus_params(const networkstatus_t *ns) networkstatus_get_param(ns, "circpad_padding_disabled", 0, 0, 1); + circpad_padding_reduced = + networkstatus_get_param(ns, "circpad_padding_reduced", + 0, 0, 1); + circpad_global_allowed_cells = networkstatus_get_param(ns, "circpad_global_allowed_cells", 0, 0, UINT16_MAX-1); @@ -1662,6 +1667,14 @@ circpad_machine_conditions_met(origin_circuit_t *circ, if (circpad_padding_disabled || !get_options()->CircuitPadding) return 0; + /* If the consensus or our torrc has selected reduced connection padding, + * then only allow this machine if it is flagged as acceptable under + * reduced padding conditions */ + if (circpad_padding_reduced || get_options()->ReducedCircuitPadding) { + if (!machine->conditions.reduced_padding_ok) + return 0; + } + if (!(circpad_circ_purpose_to_mask(TO_CIRCUIT(circ)->purpose) & machine->conditions.purpose_mask)) return 0; diff --git a/src/core/or/circuitpadding.h b/src/core/or/circuitpadding.h index bc2522c210..f00369eb0a 100644 --- a/src/core/or/circuitpadding.h +++ b/src/core/or/circuitpadding.h @@ -152,6 +152,17 @@ typedef struct circpad_machine_conditions_t { /** Only apply the machine *if* vanguards are enabled */ unsigned requires_vanguards : 1; + /** + * This machine is ok to use if reduced padding is set in consensus + * or torrc. This machine will still be applied even if reduced padding + * is not set; this flag only acts to exclude machines that don't have + * it set when reduced padding is requested. Therefore, reduced padding + * machines should appear at the lowest priority in the padding machine + * lists (aka first in the list), so that non-reduced padding machines + * for the same purpose are given a chance to apply when reduced padding + * is not requested. */ + unsigned reduced_padding_ok : 1; + /** Only apply the machine *if* the circuit's state matches any of * the bits set in this bitmask. */ circpad_circuit_state_t state_mask; |