[tor-commits] [tor/release-0.4.3] dirauth: Add option AuthDirRejectRequestsUnderLoad

nickm at torproject.org nickm at torproject.org
Thu Feb 20 13:51:04 UTC 2020


commit 735aa208b1592e166d03ec96e90422293d26b98a
Author: David Goulet <dgoulet at torproject.org>
Date:   Tue Feb 11 09:56:44 2020 -0500

    dirauth: Add option AuthDirRejectRequestsUnderLoad
    
    This controls the previous feature added that makes dirauth send back a 503
    error code on non relay connections if under bandwidth pressure.
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 doc/tor.1.txt                  | 7 +++++++
 src/app/config/config.c        | 1 +
 src/app/config/or_options_st.h | 7 +++++++
 3 files changed, 15 insertions(+)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 1504223b8..c7c41e784 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2925,6 +2925,13 @@ on the public Tor network.
     before it will treat advertised bandwidths as wholly
     unreliable. (Default: 500)
 
+[[AuthDirRejectRequestsUnderLoad]] **AuthDirRejectRequestsUnderLoad** **0**|**1**::
+    If set, the directory authority will start rejecting directory requests
+    from non relay connections by sending a 503 error code if it is under
+    bandwidth pressure (reaching the configured limit if any). Relays will
+    always tried to be answered even if this is on. (Default: 1)
+
+
 HIDDEN SERVICE OPTIONS
 ----------------------
 
diff --git a/src/app/config/config.c b/src/app/config/config.c
index deda2448b..89ec26f05 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -671,6 +671,7 @@ static const config_var_t option_vars_[] = {
   OBSOLETE("UseNTorHandshake"),
   V(User,                        STRING,   NULL),
   OBSOLETE("UserspaceIOCPBuffers"),
+  V(AuthDirRejectRequestsUnderLoad, BOOL,  "1"),
   V(AuthDirSharedRandomness,     BOOL,     "1"),
   V(AuthDirTestEd25519LinkKeys,  BOOL,     "1"),
   OBSOLETE("V1AuthoritativeDirectory"),
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 32dcd9fb1..e6be79701 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -1008,6 +1008,13 @@ struct or_options_t {
    */
   uint64_t MaxUnparseableDescSizeToLog;
 
+  /** Bool (default: 1): Under bandwidth pressure, if set to 1, the authority
+   * will always answer directory requests from relays but will start sending
+   * 503 error code for the other connections. If set to 0, all connections
+   * are considered the same and the authority will try to answer them all
+   * regardless of bandwidth pressure or not. */
+  int AuthDirRejectRequestsUnderLoad;
+
   /** Bool (default: 1): Switch for the shared random protocol. Only
    * relevant to a directory authority. If off, the authority won't
    * participate in the protocol. If on (default), a flag is added to the





More information about the tor-commits mailing list