[tor-commits] [tor/master] Add an option to close HS service-side rend circs on timeout
nickm at torproject.org
nickm at torproject.org
Wed Jan 4 18:51:08 UTC 2012
commit 836161c56062686d274abf4218779c4db5c8cf5c
Author: Robert Ransom <rransom.8774 at gmail.com>
Date: Sat Dec 24 04:55:20 2011 -0800
Add an option to close HS service-side rend circs on timeout
---
changes/bug1297b | 4 +++-
doc/tor.1.txt | 8 ++++++++
src/or/circuituse.c | 3 ++-
src/or/config.c | 1 +
src/or/or.h | 4 ++++
5 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/changes/bug1297b b/changes/bug1297b
index 9cf2597..fb0d00c 100644
--- a/changes/bug1297b
+++ b/changes/bug1297b
@@ -14,5 +14,7 @@
- Don't close hidden-service-side rendezvous circuits when they
reach the normal circuit-build timeout. Previously, we would
- close them. Fixes the remaining part of bug 1297.
+ close them. This behaviour change can be disabled using the new
+ CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes
+ the remaining part of bug 1297.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index f942573..91a7c69 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -693,6 +693,14 @@ The following options are useful only for clients (that is, if
another set of introduction and rendezvous circuits for the same
destination hidden service will be launched. (Default: 0)
+**CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**::
+ If 1, Tor will close unfinished hidden-service-side rendezvous
+ circuits after the current circuit-build timeout. Otherwise, such
+ circuits will be left open, in the hope that they will finish
+ connecting to their destinations. In either case, another
+ rendezvous circuit for the same destination client will be
+ launched. (Default: 0)
+
**LongLivedPorts** __PORTS__::
A list of ports for services that tend to have long-running connections
(e.g. chat and interactive shells). Circuits for streams that use these
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 9778ae7..c07d434 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -553,7 +553,8 @@ circuit_expire_building(void)
/* If this is a service-side rendezvous circuit which is far
* enough along in connecting to its destination, consider sparing
* it. */
- if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
+ if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) &&
+ !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
log_info(LD_CIRC,"Marking circ %s:%d:%d (state %d:%s, purpose %d) "
"as timed-out HS circ; relaunching rendezvous attempt.",
diff --git a/src/or/config.c b/src/or/config.c
index 3374459..da4f3c1 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -307,6 +307,7 @@ static config_var_t _option_vars[] = {
V(HSAuthoritativeDir, BOOL, "0"),
OBSOLETE("HSAuthorityRecordStats"),
V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
+ V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
V(HTTPProxy, STRING, NULL),
V(HTTPProxyAuthenticator, STRING, NULL),
V(HTTPSProxy, STRING, NULL),
diff --git a/src/or/or.h b/src/or/or.h
index 3ac8b92..e246ac4 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3066,6 +3066,10 @@ typedef struct {
* an INTRODUCE1 cell on its way to the service. */
int CloseHSClientCircuitsImmediatelyOnTimeout;
+ /** Close hidden-service-side rendezvous circuits immediately when
+ * they reach the normal circuit-build timeout. */
+ int CloseHSServiceRendCircuitsImmediatelyOnTimeout;
+
int ConnLimit; /**< Demanded minimum number of simultaneous connections. */
int _ConnLimit; /**< Maximum allowed number of simultaneous connections. */
int RunAsDaemon; /**< If true, run in the background. (Unix only) */
More information about the tor-commits
mailing list