| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
We had 3 callsites setting up the circuit congestion control and so this
commit consolidates all 3 calls into 1 function.
Related to #40586
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Once the cpath is finalized, e2e encryption setup, transfer the ccontrol
from the rendezvous circuit to the cpath.
This allows the congestion control subsystem to properly function for
both upload and download side of onion services.
Closes #40586
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Fixes #40587
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Related #40312
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This applies only for relays. Previous commit adds two new consensus
parameters that dictate how libevent is configured with DNS resolution.
And so, with a new consensus, we now look at those values in case they
ever change.
Without this, Exit relay would have to HUP or restart to apply any new
Exit DNS consensus parameters.
Related to #40312
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Introduces two new consensus parameter:
exit_dns_timeout: Number of seconds before libevent should consider
the DNS request a timeout.
exit_dns_num_attempts: Number of attempts that libeven should retry a
previously failing query before calling it a timeout.
Closes #40312
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
This code was heavily reused from the previous DNS timeout work done in
ticket #40491 that was removed afterall from our code.
Closes #40560
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Fixes #40577
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
Due to a possible Guard subsystem recursion, when the HS client gets
notified that the directory information has changed, it must run it in a
seperate mainloop event to avoid such issue.
See the ticket for more information on the recursion. This also fixes a
fatal assert.
Fixes #40579
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
It is possible to not have the descriptor anymore by the time the
rendezvous circuit opens. Don't BUG() on that.
Instead, when sending the INTRODUCE1 cell, make sure the descriptor we
have (or have just fetched) matches what we setup in the rendezvous
circuit.
If not, the circuit is closed and another one is opened for a retry.
Fixes #40576
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Prometheus needs unique labels and so this bug was causing an onion
service with multiple ports to have multiple "port=" label for the
metrics requiring a port label.
Fixes #40581
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Prometheus needs unique labels and so this bug was causing an onion
service with multiple ports to have multiple "port=" label for the
metrics requiring a port label.
Fixes #40581
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
These parameters will vary depending on path length, especially for onions.
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Republishing is necessary to ensure that clients connect using the correct
sendme_inc upon any change. Additionally, introduction points must be
re-chosen, so that cached descriptors with old values are not usable.
We do not expect to change sendme_inc, unless cell size or TLS record size
changes, so this should be rare.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This puts the flow control version (unparsed) in the descriptor. The
client doesn't use it yet.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This simply adds the "flow-control" line, as detailed in prop324, to the
descriptor. No decoding is done at this commit.
Part of #40506
|
|
Move it to extension.trunnel instead so that extension ABI construction
can be used in other parts of tor than just HS cells.
Specifically, we'll use it in the ntorv3 data payload and make a
congestion control parameter extension using that binary structure.
Only rename. No code behavior changes.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
We want ntor and ntorv3 to use the same queues and stats.
|
|
|
|
|
|
|
|
|
|
There are a lot of TODOs about what to send, whom to send it to, and
etc.
|
|
|
|
Closes #40559
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This was missed in #40527 when the DNS timeout overload general signal
was removed.
Closes #40564
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Fixes #40552
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Introduced in bf10206e9e23ac0ded2cc9727666696ea25d5636 which is not
released yet thus no changes file.
Found by Coverity with cid #1495786.
Fixes #40532
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
