[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r9615: twiddle signewnym rate-limiting patch so every signal gets h (in tor/trunk: . doc doc/spec src/or)
- To: or-cvs@xxxxxxxxxxxxx
- Subject: [or-cvs] r9615: twiddle signewnym rate-limiting patch so every signal gets h (in tor/trunk: . doc doc/spec src/or)
- From: nickm@xxxxxxxx
- Date: Thu, 22 Feb 2007 01:21:22 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Thu, 22 Feb 2007 01:21:39 -0500
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: nickm
Date: 2007-02-22 01:21:19 -0500 (Thu, 22 Feb 2007)
New Revision: 9615
Modified:
tor/trunk/
tor/trunk/ChangeLog
tor/trunk/doc/TODO
tor/trunk/doc/spec/control-spec.txt
tor/trunk/src/or/main.c
Log:
r11873@catbus: nickm | 2007-02-22 01:21:14 -0500
twiddle signewnym rate-limiting patch so every signal gets handled eventually. document it in control-spec. add a changelog.
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r11873] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2007-02-22 06:21:16 UTC (rev 9614)
+++ tor/trunk/ChangeLog 2007-02-22 06:21:19 UTC (rev 9615)
@@ -52,6 +52,9 @@
advance warning.
- Add STREAM_BW events to report per-entry-stream bandwidth use. (Patch
from Robert Hogan.)
+ - Rate-limit SIGNEWNYM events in response to controllers that impolitely
+ generate them for every single stream. (Patch from mwenge; closes bug
+ 394.)
o Minor bugfixes (performance):
- Call router_have_min_dir_info half as often. (This is showing up in
Modified: tor/trunk/doc/TODO
===================================================================
--- tor/trunk/doc/TODO 2007-02-22 06:21:16 UTC (rev 9614)
+++ tor/trunk/doc/TODO 2007-02-22 06:21:19 UTC (rev 9615)
@@ -334,7 +334,7 @@
https thing in the default configuration:
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort
. Flesh out options_description array in src/or/config.c
- . Don't let 'newnym' be triggered more often than every n seconds.
+ o Don't let 'newnym' be triggered more often than every n seconds.
X If we try to publish as a nickname that's already claimed, should
we append a number (or increment the number) and try again? This
way people who read their logs can fix it as before, but people
Modified: tor/trunk/doc/spec/control-spec.txt
===================================================================
--- tor/trunk/doc/spec/control-spec.txt 2007-02-22 06:21:16 UTC (rev 9614)
+++ tor/trunk/doc/spec/control-spec.txt 2007-02-22 06:21:19 UTC (rev 9615)
@@ -258,7 +258,8 @@
CLEARDNSCACHE -- Forget the client-side cached IPs for all hostnames.
NEWNYM -- Switch to clean circuits, so new application requests
don't share any circuits with old ones. Also clears
- the client-side DNS cache.
+ the client-side DNS cache. (Tor MAY rate-limit its
+ response to this signal.)
The server responds with "250 OK" if the signal is recognized (or simply
closes the socket if it was asked to close immediately), or "552
Modified: tor/trunk/src/or/main.c
===================================================================
--- tor/trunk/src/or/main.c 2007-02-22 06:21:16 UTC (rev 9614)
+++ tor/trunk/src/or/main.c 2007-02-22 06:21:19 UTC (rev 9615)
@@ -54,9 +54,14 @@
static time_t time_to_fetch_running_routers = 0;
/** When do we next launch DNS wildcarding checks? */
static time_t time_to_check_for_correct_dns = 0;
-/** When do we next allow a SIGNEWNYM? */
-static time_t time_to_allow_next_signewnym = 0;
+/** How often will we honor SIGNEWNYM requests? */
+#define MAX_SIGNEWNYM_RATE 10
+/** When did we last process a SIGNEWNYM request? */
+static time_t time_of_last_signewnym = 0;
+/** Is there a signewnym request we're currently waiting to handle? */
+static int signewnym_is_pending = 0;
+
/** Array of all open connections. The first n_conns elements are valid. */
static connection_t *connection_array[MAXCONNECTIONS+1] =
{ NULL };
@@ -748,6 +753,16 @@
*/
consider_hibernation(now);
+ /* 0b. If we've deferred a signewnym, make sure it gets handled
+ * eventually */
+ if (signewnym_is_pending &&
+ time_of_last_signewnym + MAX_SIGNEWNYM_RATE < now) {
+ circuit_expire_all_dirty_circs();
+ addressmap_clear_transient();
+ time_of_last_signewnym = now;
+ signewnym_is_pending = 0;
+ }
+
/** 1a. Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion keys,
* shut down and restart all cpuworkers, and update the directory if
* necessary.
@@ -1330,7 +1345,6 @@
uintptr_t sig = (uintptr_t)arg;
(void)fd;
(void)events;
- time_t now = time(NULL);
switch (sig)
{
case SIGTERM:
@@ -1373,14 +1387,17 @@
zombies */
break;
#endif
- case SIGNEWNYM:
- if (time_to_allow_next_signewnym < now) {
+ case SIGNEWNYM: {
+ time_t now = time(NULL);
+ if (time_of_last_signewnym + MAX_SIGNEWNYM_RATE >= now) {
+ signewnym_is_pending = 1;
+ } else {
circuit_expire_all_dirty_circs();
addressmap_clear_transient();
-#define NEXT_SIGNEWNYM (5)
- time_to_allow_next_signewnym = now + NEXT_SIGNEWNYM;
+ time_of_last_signewnym = now;
}
break;
+ }
case SIGCLEARDNSCACHE:
addressmap_clear_transient();
break;