summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-04-18Rename some functions to start with a uniform prefixNick Mathewson
2018-04-17Fix a compilation warning on clangNick Mathewson
2018-04-17Remove the periodic refill event entirely.Nick Mathewson
Now that we update our buckets on demand before reading or writing, we no longer need to update them all every TokenBucketRefillInterval msec. When a connection runs out of bandwidth, we do need a way to reenable it, however. We do this by scheduling a timer to reenable all blocked connections for TokenBucketRefillInterval msec after a connection becomes blocked. (If we were using PerConnBWRate more, it might make sense to have a per-connection timer, rather than a single timeout. But since PerConnBWRate is currently (mostly) unused, I'm going to go for the simpler approach here, since usually whenever one connection has become blocked on bandwidth, most connections are blocked on bandwidth.) Implements ticket 25373.
2018-04-17Move responsibility for recording read/written bytesNick Mathewson
Previously this was done as part of the refill callback, but there's no real reason to do it like that. Since we're trying to remove the refill callback completely, we can do this work as part of record_num_bytes_transferred_impl(), which already does quite a lot of this.
2018-04-17Refill each token bucket at the last instant before reading/writing.Nick Mathewson
(This patch does not yet eliminate the global refill callback; fortunately, bucket refilling is idempotent.)
2018-04-17Refactor responsibility for checking global write bucket emptinessNick Mathewson
We used to do this 10x per second in connection_buckets_refill(); instead, we now do it when the bucket becomes empty. This change is part of the work of making connection_buckets_refill() obsolete. Closes ticket 25828; bugfix on 0.2.3.5-alpha.
2018-04-17Amend token_bucket_rw_dec to indicate which buckets became empty.Nick Mathewson
2018-04-17Rename connection_bucket_refill to connection_bucket_refill_allNick Mathewson
Also document its actual behavior
2018-04-17Rename connection_bucket_round_robin -> get_shareNick Mathewson
There was nothing round_robinish about this function.
2018-04-17Refactor the "block the connection on bandwidth" logicNick Mathewson
Right now, this patch just introduces and exposes some new functions. Later, these functions will get a little more complexity.
2018-04-17token bucket: Add parens to rate_per_sec_to_rate_per_step()Nick Mathewson
Typecasts bind more tightly than division, so we need to do the division first.
2018-04-17Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-17Merge branch 'maint-0.3.2' into maint-0.3.3Nick Mathewson
2018-04-17Merge branch 'maint-0.3.1' into maint-0.3.2Nick Mathewson
2018-04-17Merge branch 'maint-0.2.9' into maint-0.3.1Nick Mathewson
2018-04-17Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-17heartbeat: Log the number of circuits killed because too many cellsDavid Goulet
We recently merged a circuit cell queue size safeguard. This commit adds the number of killed circuits that have reached the limit to the DoS heartbeat. It now looks like this: [notice] DoS mitigation since startup: 0 circuits killed with too many cells. 0 circuits rejected, 0 marked addresses. 0 connections closed. 0 single hop clients refused. Second thing that this patch does. It makes tor always print the DoS mitigation heartbeat line (for a relay) even though no DoS mitigation have been enabled. The reason is because we now kill circuits that have too many cells regardless on if it is enabled or not but also it will give the operator a chance to learn what is enabled with the heartbeat instead of suddenly appearing when it is enabled by let say the consensus. Fixes #25824 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-17Merge remote-tracking branch 'public/bug24688'Nick Mathewson
2018-04-16token: Fix uint32_t to uint64_t conversionDavid Goulet
Unfortunately, the units passed to monotime_coarse_stamp_units_to_approx_msec() was always 0 due to a type conversion. Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-16Add support for the coveralls.io coverage tool in travis configNick Mathewson
Closes ticket 25818.
2018-04-16Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-16Merge branch 'maint-0.3.1' into maint-0.3.2Nick Mathewson
2018-04-16Merge branch 'maint-0.2.9' into maint-0.3.1Nick Mathewson
2018-04-16Merge branch 'maint-0.3.2' into maint-0.3.3Nick Mathewson
2018-04-16Fix an LCOV exclusion pattern in address.cNick Mathewson
2018-04-16Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-16Merge remote-tracking branch 'dgoulet/bug25226_033_02' into maint-0.3.3Nick Mathewson
2018-04-16relay: Implement a circuit cell queue maximum sizeDavid Goulet
This commit introduces the consensus parameter "circ_max_cell_queue_size" which controls the maximum number of cells a circuit queue should have. The default value is currently 50000 cells which is above what should be expected but keeps us a margin of error for padding cells. Related to this is #9072. Back in 0.2.4.14-alpha, we've removed that limit due to a Guard discovery attack. Ticket #25226 details why we are putting back the limit due to the memory pressure issue on relays. Fixes #25226 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-16Remove old tor-fw-helper README from EXTRA_DISTNick Mathewson
We removed this file, but didn't take it out of EXTRA_DIST -- thus breaking "make dist".
2018-04-15Merge branch 'maint-0.3.3'Nick Mathewson
"ours" to avoid version bump.
2018-04-15bump to 0.3.3.5-rc-devNick Mathewson
2018-04-15copy 0.3.3.5-rc changelog to master.Nick Mathewson
2018-04-14Remove changes files that will appear in 0.3.3.5-rc.Nick Mathewson
2018-04-14Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-14bump to 0.3.3.5-rcNick Mathewson
2018-04-1332-bit compilation warningsNick Mathewson
2018-04-13token_bucket: Fix indentationDavid Goulet
Both header and code file had some indentation issues after mass renaming. No code behavior change. Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-13Merge branch 'token_bucket_once_again_squashed'Nick Mathewson
2018-04-13Fix "make check-spaces"Nick Mathewson
2018-04-13Refactor "timestamp" not to be its own type coupled to token buffersNick Mathewson
Really, the uint32_t is only an optimization; any kind of unit should work fine. Some users might want to use time_t or monotime_coarse_t or something like that.
2018-04-13Move token_bucket_raw_* functions to the start of the module.Nick Mathewson
(These functions were previously helper functions for token_bucket_rw_t).
2018-04-13Never pick a rate of 0.Nick Mathewson
(The tests caught this one.)
2018-04-13Start re-refactoring the token bucket interface.Nick Mathewson
Begin by creating a lowest-level triple of the types needed to implement a token bucket: a configuration, a timestamp, and the raw bucket itself. Note that for low-level buckets, the units of the timestamp and the bucket itself are unspecified: each user can use a different type. (This patch breaks check-spaces; a later patch will fix it)
2018-04-13Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-13Merge remote-tracking branch 'dgoulet/ticket25248_033_02' into maint-0.3.3Nick Mathewson
2018-04-13Merge branch 'maint-0.3.3'Nick Mathewson
2018-04-13doc: Fix typo and clarify that DoS options are relay onlyMike Perry
2018-04-13doc: Move DOS options below SERVER optionsDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-13doc: Improve DoS section of the man page tor.1David Goulet
Add to the Denial of Service section of the man page an explanation about the three different mitigation Tor has. Fixes #25248. Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-13Merge branch 'postloop_callbacks_2'Nick Mathewson
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion