[or-cvs] added OnionsPerSecond to prevent create flooding
Roger Dingledine
arma at seul.org
Sat Nov 23 08:49:05 UTC 2002
Update of /home/or/cvsroot/src/or
In directory moria.seul.org:/home/arma/work/onion/cvs/src/or
Modified Files:
command.c config.c main.c or.h
Log Message:
added OnionsPerSecond to prevent create flooding
first cut, probably needs more playing with
Index: command.c
===================================================================
RCS file: /home/or/cvsroot/src/or/command.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- command.c 3 Oct 2002 02:17:41 -0000 1.12
+++ command.c 23 Nov 2002 08:49:03 -0000 1.13
@@ -4,6 +4,8 @@
#include "or.h"
+extern or_options_t options; /* command-line and config-file options */
+
void command_process_cell(cell_t *cell, connection_t *conn) {
switch(cell->command) {
@@ -128,6 +130,14 @@
/* we're all ready to go now. */
circ->state = CIRCUIT_STATE_OPEN;
+
+ conn->onions_handled_this_second++;
+ log(LOG_DEBUG,"command_process_create_cell(): Processing onion %d for this second.",conn->onions_handled_this_second);
+ if(conn->onions_handled_this_second > options.OnionsPerSecond) {
+ log(LOG_DEBUG,"command_process_create_cell(): Received too many onions (now %d) this second. Closing.", conn->onions_handled_this_second);
+ circuit_close(circ);
+ return;
+ }
if(process_onion(circ, conn) < 0) {
log(LOG_DEBUG,"command_process_create_cell(): Onion processing failed. Closing.");
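Review bot: The limit at `if(conn->onions_handled_this_second > options.OnionsPerSecond)` is counted per connection_t. If one link carries circuits for many users (likely for router-to-router connections, though not visible here), a single flooding source uses up the budget and every other create on that link is closed for the rest of the second. Consider documenting that trade-off above the check, e.g. `/* budget is shared by everything multiplexed on conn; excess creates are dropped, not queued */`. Both new log calls are LOG_DEBUG and the first fires for every create cell, so a flood is invisible at normal verbosity and noisy at debug verbosity; raising only the over-limit message to a higher severity and dropping the per-cell one would help detection. The enclosing function starts and ends outside the hunk.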
Index: config.c
===================================================================
RCS file: /home/or/cvsroot/src/or/config.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -d -r1.21 -r1.22
--- config.c 23 Nov 2002 06:49:01 -0000 1.21
+++ config.c 23 Nov 2002 08:49:03 -0000 1.22
@@ -181,6 +181,7 @@
config_compare(list, "DirRebuildPeriod",CONFIG_TYPE_INT, &options->DirRebuildPeriod) ||
config_compare(list, "DirFetchPeriod", CONFIG_TYPE_INT, &options->DirFetchPeriod) ||
config_compare(list, "KeepalivePeriod", CONFIG_TYPE_INT, &options->KeepalivePeriod) ||
+ config_compare(list, "OnionsPerSecond", CONFIG_TYPE_INT, &options->OnionsPerSecond) ||
/* float options */
config_compare(list, "CoinWeight", CONFIG_TYPE_DOUBLE, &options->CoinWeight)
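Review bot: OnionsPerSecond is parsed as a plain CONFIG_TYPE_INT and nothing in the visible hunks range-checks it, while command.c compares against it with `>`. A value of 0 or below makes the first create on every connection exceed the limit, so a typo in the config file yields a router that refuses all circuits. Wherever the other options are validated (not shown here), reject `options->OnionsPerSecond < 1` with an error at startup. The default of 50 set in the following hunk deserves a short comment stating the unit, for example `/* max create cells accepted per connection per second */`.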
@@ -213,6 +214,7 @@
options->DirRebuildPeriod = 600;
options->DirFetchPeriod = 6000;
options->KeepalivePeriod = 300;
+ options->OnionsPerSecond = 50;
// options->ReconnectPeriod = 6001;
options->Role = ROLE_OR_LISTEN | ROLE_OR_CONNECT_ALL | ROLE_OP_LISTEN | ROLE_AP_LISTEN;
Index: main.c
===================================================================
RCS file: /home/or/cvsroot/src/or/main.c,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -d -r1.33 -r1.34
--- main.c 23 Nov 2002 06:49:01 -0000 1.33
+++ main.c 23 Nov 2002 08:49:03 -0000 1.34
@@ -301,7 +301,7 @@
int prepare_for_poll(int *timeout) {
int i;
- int need_to_refill_buckets = 0;
+ int need_to_wake_soon = 0;
connection_t *conn = NULL;
connection_t *tmpconn;
struct timeval now, soonest;
@@ -371,28 +371,32 @@
}
assert(*timeout >= 0);
/* blow away any connections that need to die. can't do this later
- * because we might open up a circuit and not realize it.
+ * because we might open up a circuit and not realize it we're about to cull it.
*/
for(i=0;i<nfds;i++)
check_conn_marked(i);
- /* check if we need to refill buckets */
+ /* check if we need to refill buckets or zero out any per-second stats */
for(i=0;i<nfds;i++) {
- if(connection_receiver_bucket_should_increase(connection_array[i])) {
- need_to_refill_buckets = 1;
+ if(connection_receiver_bucket_should_increase(connection_array[i]) ||
+ connection_array[i]->onions_handled_this_second) {
+ need_to_wake_soon = 1;
break;
}
}
- if(need_to_refill_buckets) {
+ if(need_to_wake_soon) {
if(now.tv_sec > current_second) { /* the second has already rolled over! */
// log(LOG_DEBUG,"prepare_for_poll(): The second has rolled over, immediately refilling.");
- for(i=0;i<nfds;i++)
+ for(i=0;i<nfds;i++) {
connection_increment_receiver_bucket(connection_array[i]);
+ connection_array[i]->onions_handled_this_second = 0;
+ }
current_second = now.tv_sec; /* remember which second it is, for next time */
+ } else {
+ /* this timeout is definitely sooner than any of the above ones */
+ *timeout = 1000 - (now.tv_usec / 1000); /* how many milliseconds til the next second? */
}
- /* this timeout is definitely sooner than any of the above ones */
- *timeout = 1000 - (now.tv_usec / 1000); /* how many milliseconds til the next second? */
}
if(options.LinkPadding) {
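Review bot: The counters are cleared only when `now.tv_sec > current_second`, so a backwards step of the clock that fills `now` (set outside this hunk) stops all resets. No connection's onions_handled_this_second is then zeroed until wall time passes the remembered second, and any connection already over the limit keeps having its creates closed for that interval. Comparing with `if(now.tv_sec != current_second)` resets on any change of second and removes that stall. Separately, moving the `*timeout` assignment into the `else` means a rollover pass schedules no wake-up for the next second; that is fine for the zeroed counters, but confirm that a bucket still below its cap after one increment does not now wait for the longer timeout computed earlier. prepare_for_poll begins and continues outside this hunk.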
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- or.h 23 Nov 2002 06:49:01 -0000 1.36
+++ or.h 23 Nov 2002 08:49:03 -0000 1.37
@@ -216,6 +216,8 @@
long timestamp_created;
+ int onions_handled_this_second;
+
// uint16_t aci; /* anonymous connection identifier */
/* used by OR and OP: */
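Review bot: The new field `onions_handled_this_second` has no comment, and the hunks shown do not initialise it when a connection_t is created. If the struct is not zero-filled on allocation (not visible here), the first comparison in command.c reads an indeterminate value. Suggest `int onions_handled_this_second; /* create cells seen on this conn in the current second; zeroed in prepare_for_poll() */` and an explicit `= 0` where the connection is set up.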
@@ -376,6 +378,7 @@
int DirRebuildPeriod;
int DirFetchPeriod;
int KeepalivePeriod;
+ int OnionsPerSecond;
int Role;
int loglevel;
} or_options_t;