[tor-commits] [tor/release-0.2.5] Increase limit for status vote download size by a factor of 5.
nickm at torproject.org
nickm at torproject.org
Mon Mar 9 17:37:06 UTC 2015
commit ceb6dee4652567fd503e5ceb9345354efd935a1b
Author: Nick Mathewson <nickm at torproject.org>
Date: Sun Jan 18 15:25:29 2015 -0500
Increase limit for status vote download size by a factor of 5.
We've started to hit the limit here. We introduced the limit in
0.1.2.5-alpha. This fixes bug 14261, but we should have a smarter way
to not actually do the behavior this permits. See #14267 for a ticket
about fixing that.
---
changes/bug14261 | 5 +++++
src/or/directory.c | 9 ++++++++-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/changes/bug14261 b/changes/bug14261
new file mode 100644
index 0000000..1260ccb
--- /dev/null
+++ b/changes/bug14261
@@ -0,0 +1,5 @@
+ O Minor bugfixes (directory authority):
+ - Allow directory authorities to fetch more data from one
+ another if they find themselves missing lots of votes.
+ Previously, they had been bumping against the 10 MB queued
+ data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha.
diff --git a/src/or/directory.c b/src/or/directory.c
index 298271f..50863d0 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2183,12 +2183,15 @@ connection_dir_reached_eof(dir_connection_t *conn)
*/
#define MAX_DIRECTORY_OBJECT_SIZE (10*(1<<20))
+#define MAX_VOTE_DL_SIZE (MAX_DIRECTORY_OBJECT_SIZE * 5)
+
/** Read handler for directory connections. (That's connections <em>to</em>
* directory servers and connections <em>at</em> directory servers.)
*/
int
connection_dir_process_inbuf(dir_connection_t *conn)
{
+ size_t max_size;
tor_assert(conn);
tor_assert(conn->base_.type == CONN_TYPE_DIR);
@@ -2207,7 +2210,11 @@ connection_dir_process_inbuf(dir_connection_t *conn)
return 0;
}
- if (connection_get_inbuf_len(TO_CONN(conn)) > MAX_DIRECTORY_OBJECT_SIZE) {
+ max_size =
+ (TO_CONN(conn)->purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) ?
+ MAX_VOTE_DL_SIZE : MAX_DIRECTORY_OBJECT_SIZE;
+
+ if (connection_get_inbuf_len(TO_CONN(conn)) > max_size) {
log_warn(LD_HTTP, "Too much data received from directory connection: "
"denial of service attempt, or you need to upgrade?");
connection_mark_for_close(TO_CONN(conn));
More information about the tor-commits
mailing list