summaryrefslogtreecommitdiff
path: root/src/or/geoip.c
AgeCommit message (Collapse)Author
2018-02-16Merge branch 'maint-0.3.1' into maint-0.3.2Nick Mathewson
2018-02-16Merge branch 'maint-0.2.9' into maint-0.3.1Nick Mathewson
2018-02-05geoip: Make geoip_client_cache_total_allocation() return the counterDavid Goulet
The HT_FOREACH() is insanely heavy on the CPU and this is part of the fast path so make it return the nice memory size counter we added in 4d812e29b9b1ec88. Fixes #25148 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-02Merge branch 'ticket25122_029_02' into ticket24902_029_05David Goulet
2018-02-02geoip: Add clientmap_entry_new() functionDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-02geoip: Increment and decrement functions for the geoip client cacheDavid Goulet
These functions protect againts over and underflow. They BUG() in case we overflow the counter. Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-02geoip: Hook the client history cache into the OOM handlerDavid Goulet
If the cache is using 20% of our maximum allowed memory, clean 10% of it. Same behavior as the HS descriptor cache. Closes #25122 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-30dos: Clear connection tracked flag if geoip entry is removedDavid Goulet
Imagine this scenario. We had 10 connections over the 24h lifetime of a geoip cache entry. The lifetime of the entry has been reached so it is about to get freed but 2 connections remain for it. After the free, a third connection comes in thus making us create a new geoip entry for that address matching the 2 previous ones that are still alive. If they end up being closed, we'll have a concurrent count desynch from what the reality is. To mitigate this probably very rare scenario in practice, when we free a geoip entry and it has a concurrent count above 0, we'll go over all connections matching the address and clear out the tracked flag. So once they are closed, we don't try to decrement the count. Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-30geoip: Remember client stats if DoS mitigation is enabledDavid Goulet
Make the geoip cache track client address if the DoS subsystem is enabled. Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-25geoip: Add a lookup function for client map entryDavid Goulet
The upcoming DoS mitigation subsytem needs to keep information on a per-IP basis which is also what the geoip clientmap does. For another subsystem to access that clientmap, this commit adds a lookup function that returns the entry. For this, the clientmap_entry_t had to be moved to the header file. Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-25New GETINFO target to check if geoip is loadedNick Mathewson
Closes ticket 23237.
2017-06-05Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-05Merge branch 'maint-0.2.9' into maint-0.3.0Nick Mathewson
2017-06-05Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-06-05Merge branch 'maint-0.2.7-redux' into maint-0.2.8Nick Mathewson
2017-06-05Merge branch 'maint-0.2.5' into maint-0.2.6Nick Mathewson
2017-06-05Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-05Fix undefined behavior in geoip_parse_entry().Nick Mathewson
Fixes bug 22490; bugfix on 6a241ff3ffe7dc1 in 0.2.4.6-alpha. Found by teor using clang-5.0's AddressSanitizer stack-use-after-scope.
2017-03-15Run the copyright update script.Nick Mathewson
2017-03-09Remove fgets() compatbility function and related tests.Alexander Færøy
This patch removes the `tor_fgets()` wrapper around `fgets(3)` since it is no longer needed. The function was created due to inconsistency between the returned values of `fgets(3)` on different versions of Unix when using `fgets(3)` on non-blocking file descriptors, but with the recent changes in bug #21654 we switch from unbuffered to direct I/O on non-blocking file descriptors in our utility module. We continue to use `fgets(3)` directly in the geoip and dirserv module since this usage is considered safe. This patch also removes the test-case that was created to detect differences in the implementation of `fgets(3)` as well as the changes file since these changes was not included in any releases yet. See: https://bugs.torproject.org/21654
2017-03-01Use tor_fgets() instead of fgets().Alexander Færøy
This patch changes our use of fgets() to tor_fgets() for more consistent error handling across different versions of the C library.
2016-10-27Automated change to use smartlist_add_strdupovercaffeinated
Use the following coccinelle script to change uses of smartlist_add(sl, tor_strdup(str)) to smartlist_add_strdup(sl, string) (coccinelle script from nickm via bug 20048): @@ expression a; expression b; @@ - smartlist_add + smartlist_add_strdup (a, - tor_strdup( b - ) )
2016-10-17Write a bunch of module documentation.Nick Mathewson
This commit adds or improves the module-level documenation for: buffers.c circuitstats.c command.c connection_edge.c control.c cpuworker.c crypto_curve25519.c crypto_curve25519.h crypto_ed25519.c crypto_format.c dircollate.c dirserv.c dns.c dns_structs.h fp_pair.c geoip.c hibernate.c keypin.c ntmain.c onion.c onion_fast.c onion_ntor.c onion_tap.c periodic.c protover.c protover.h reasons.c rephist.c replaycache.c routerlist.c routerparse.c routerset.c statefile.c status.c tor_main.c workqueue.c In particular, I've tried to explain (for each documented module) what each module does, what's in it, what the big idea is, why it belongs in Tor, and who calls it. In a few cases, I've added TODO notes about refactoring opportunities. I've also renamed an argument, and fixed a few DOCDOC comments.
2016-07-28Fix all -Wshadow warnings on LinuxNick Mathewson
This is a partial fix for 18902.
2016-06-11Add the -Wextra-semi warning from clang, and fix the cases where it triggersNick Mathewson
2016-06-11Enable -Wnull-dereference (GCC >=6.1), and fix the easy casesNick Mathewson
This warning, IIUC, means that the compiler doesn't like it when it sees a NULL check _after_ we've already dereferenced the variable. In such cases, it considers itself free to eliminate the NULL check. There are a couple of tricky cases: One was the case related to the fact that tor_addr_to_in6() can return NULL if it gets a non-AF_INET6 address. The fix was to create a variant which asserts on the address type, and never returns NULL.
2016-02-27Update the copyright year.Nick Mathewson
2015-12-18Fix a null-pointer deref when writing geoip statsNick Mathewson
Found by coverity; CID 1327892.
2015-12-15Replace usage of INLINE with inlinecypherpunks
This patch was generated using; sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
2015-11-23fix two typos in commentsRoger Dingledine
2015-09-15Add tests for directory_handle_command_getReinaldo de Souza Jr
2015-02-03Merge branch 'bug6852'Nick Mathewson
Conflicts: src/or/status.c
2015-02-03Choose a more deliberate cutoff for clients in heartbeatNick Mathewson
2015-01-02Bump copyright dates to 2015, in case someday this matters.Nick Mathewson
2014-11-02Apply new calloc coccinelle patchNick Mathewson
2014-10-28Add another year to our copyright dates.Nick Mathewson
Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?
2014-09-02Another clang analyzer complaint wrt HT_GENERATENick Mathewson
We're calling mallocfn() and reallocfn() in the HT_GENERATE macro with the result of a product. But that makes any sane analyzer worry about overflow. This patch keeps HT_GENERATE having its old semantics, since we aren't the only project using ht.h. Instead, define a HT_GENERATE2 that takes a reallocarrayfn.
2014-08-29Introduce full coverage tests for module routerset.c.dana koch
This is using the paradigm introduced for test_status.c.
2014-08-13Apply coccinelle script to replace malloc(a*b)->calloc(a,b)Nick Mathewson
2014-03-25Fix warnings from doxygenNick Mathewson
Most of these are simple. The only nontrivial part is that our pattern for using ENUM_BF was confusing doxygen by making declarations that didn't look like declarations.
2014-02-28Merge remote-tracking branch 'karsten/task-5824'Nick Mathewson
2014-02-12Siphash-2-4 is now our hash in nearly all cases.Nick Mathewson
I've made an exception for cases where I'm sure that users can't influence the inputs. This is likely to cause a slowdown somewhere, but it's safer to siphash everything and *then* look for cases to optimize. This patch doesn't actually get us any _benefit_ from siphash yet, since we don't really randomize the key at any point.
2013-12-18Report complete directory request statistics on bridges.Karsten Loesing
When we wrote the directory request statistics code in August 2009, we thought that these statistics were only relevant for bridges, and that bridges should not report them. That's why we added a switch to discard relevant observations made by bridges. This code was first released in 0.2.2.1-alpha. In May 2012 we learned that we didn't fully disable directory request statistics on bridges. Bridges did report directory request statistics, but these statistics contained empty dirreq-v3-ips and dirreq-v3-reqs lines. But the remaining dirreq-* lines have always been non-empty. (We didn't notice for almost three years, because directory-request statistics were disabled by default until 0.2.3.1-alpha, and all statistics have been removed from bridge descriptors before publishing them on the metrics website.) Proposal 201, created in May 2012, suggests to add a new line called bridge-v3-reqs that is similar to dirreq-v3-reqs, but that is published only by bridges. This proposal is still open as of December 2013. Since October 2012 we're using dirreq-v3-resp (not -reqs) lines in combination with bridge-ips lines to estimate bridge user numbers; see task 8462. This estimation method has superseded the older approach that was only based on bridge-ips lines in November 2013. Using dirreq-v3-resp and bridge-ips lines is a workaround. The cleaner approach would be to use dirreq-v3-reqs instead. This commit makes bridges report the same directory request statistics as relays, including dirreq-v3-ips and dirreq-v3-reqs lines. It makes proposal 201 obsolete.
2013-08-15Add a clientmap_entry_free().Nick Mathewson
Remove a nedless strdup/free pair.
2013-08-15Fix hash functions for transport_name in client entryNick Mathewson
2013-08-15Use only uintptr_t for the value of transport_countNick Mathewson
2013-08-15If a single client connects with multiple transports, note all transports.George Kadianakis
2013-08-15Fix a number of issues with the #5040 code.George Kadianakis
- Don't leak if a transport proxy sends us a TRANSPORT command more than once. - Don't use smartlist_string_isin() in geoip_get_transport_history(). (pointed out by Nick) - Use the 'join' argument of smartlist_join_strings() instead of trying to write the separator on our own. (pointed out by Nick) - Document 'ext_or_transport' a bit better. (pointed out by Nick) - Be a bit more consistent with the types of the values of 'transport_counts'. (pointed out by Nick)
2013-08-15Make check-spaces happy.George Kadianakis
2013-07-18Write extra-info bridge-ip-transports lines.George Kadianakis