[tor-commits] [tor/maint-0.2.2] Fix handling of StreamID exhaustion.
nickm at torproject.org
Thu Apr 7 16:04:47 UTC 2011
commit 432734279d3688fafb466a23f43585ff509ff693
Author: Nick Mathewson <nickm at torproject.org>
Date: Fri Mar 25 17:57:15 2011 -0400

Fix handling of StreamID exhaustion.

Since svn r1475/git 5b6099e8 in tor-0.0.6, we have responded to an
exhaustion of all 65535 stream IDs on a circuit by marking that
circuit for close. That's not the right response. Instead, we
should mark the circuit as "too dirty for new circuits".

Of course in reality this isn't really right either. If somebody
has managed to cram 65535 streams onto a circuit, the circuit is
probably not going to work well for any of those streams, so maybe
we should be limiting the number of streams on an origin circuit
concurrently.

Also, closing the stream in this case is probably the wrong thing to
do as well, but fixing that can also wait.
---
changes/full_ap_circuits | 6 ++++++
src/or/connection_edge.c | 18 ++++++++++++++----
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/changes/full_ap_circuits b/changes/full_ap_circuits
new file mode 100644
index 0000000..379a1a1
--- /dev/null
+++ b/changes/full_ap_circuits
@@ -0,0 +1,6 @@
+ o Minor bugfixes
+ - When a client finds that an origin circuit has run out of 16-bit
+ stream IDs, we now mark it as unusable for new streams.
+ Previously, we would try to close the entire circuit. Bugfix on
+ Tor version 0.0.6.
+
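Review bot: The changelog entry describes only the circuit-side change and leaves out that the stream which ran into the exhausted ID space is still ended. The code hunks keep connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL), so from the user's point of view that one request still fails. A short clause such as "the stream that triggered the condition is still closed" would keep the entry from reading as if the request now succeeds on another circuit.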
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index af0cfbe..72e2c8a 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2164,9 +2164,14 @@ connection_ap_handshake_send_begin(edge_connection_t *ap_conn)
ap_conn->stream_id = get_unique_stream_id_by_circ(circ);
if (ap_conn->stream_id==0) {
+ /* XXXX023 Instead of closing this stream, we should make it get
+ * retried on another circuit. */
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
- /*XXXX022 _close_ the circuit because it's full? That sounds dumb. */
- circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_RESOURCELIMIT);
+
+ /* Mark this circuit "unusable for new streams". */
+ /* XXXX023 this is a kludgy way to do this. */
+ tor_assert(circ->_base.timestamp_dirty);
+ circ->_base.timestamp_dirty -= get_options()->MaxCircuitDirtiness;
return -1;
}
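Review bot: The new tor_assert(circ->_base.timestamp_dirty) in connection_ap_handshake_send_begin turns a resource-exhaustion path into a process abort if the field ever happens to be zero here, which is a worse outcome than the circuit close this patch removes. Nothing in the hunk establishes that the circuit has already been marked dirty at this point, so a non-fatal check would be safer: if timestamp_dirty is zero, set it first and then age it, or log a warning and return -1. The subtraction is also tied to the value of get_options()->MaxCircuitDirtiness at this instant, so a later change to that option can change whether the circuit still counts as too dirty, and hitting this branch twice on the same circuit subtracts twice. Assigning an explicit "expired" value, or adding a dedicated flag on the circuit, would state the intent directly and address the "kludgy" XXXX023 comment.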
@@ -2224,9 +2229,14 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
ap_conn->stream_id = get_unique_stream_id_by_circ(circ);
if (ap_conn->stream_id==0) {
+ /* XXXX023 Instead of closing this stream, we should make it get
+ * retried on another circuit. */
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
- /*XXXX022 _close_ the circuit because it's full? That sounds dumb. */
- circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_RESOURCELIMIT);
+
+ /* Mark this circuit "unusable for new streams". */
+ /* XXXX023 this is a kludgy way to do this. */
+ tor_assert(circ->_base.timestamp_dirty);
+ circ->_base.timestamp_dirty -= get_options()->MaxCircuitDirtiness;
return -1;
}
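Review bot: The five added lines in connection_ap_handshake_send_resolve are a verbatim copy of the ones added in connection_ap_handshake_send_begin, including both XXXX023 comments and the tor_assert. Since the commit itself flags the timestamp arithmetic as a kludge to be revisited, a small static helper taking the circuit (for example one that marks it unusable for new streams) called from both sites would keep the eventual fix in one place and prevent the two paths from drifting apart. The same concern about asserting on timestamp_dirty applies here.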