Merge branch 'maint-0.2.2' into release-0.2.2
This commit is contained in:
commit
3f41df3005
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes:
|
||||
- When configuring, starting, or stopping an NT service, stop
|
||||
immediately after the service configuration attempt has succeeded
|
||||
or failed. Fixes bug3963; bugfix on 0.2.0.7-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (performance):
|
||||
- Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers
|
||||
function. This was eating up hideously large amounts of time on some
|
||||
busy servers. Fixes bug 4518.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes:
|
||||
- Backport fixes for a pair of compilation warnings on Windows.
|
||||
Fixes bug 4521; bugfix on 0.2.2.28-beta and on 0.2.2.29-beta.
|
|
@ -0,0 +1,8 @@
|
|||
o Minor features:
|
||||
- Add two new config options for directory authorities:
|
||||
AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the
|
||||
Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold
|
||||
that is always sufficient to satisfy the bandwidth requirement for
|
||||
the Guard flag. Now it will be easier for researchers to simulate
|
||||
Tor networks with different values. Resolves ticket 4484.
|
||||
|
|
@ -1284,6 +1284,16 @@ DIRECTORY AUTHORITY SERVER OPTIONS
|
|||
Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies
|
||||
to addresses shared with directory authorities. (Default: 5)
|
||||
|
||||
**AuthDirFastGuarantee** __N__ **bytes**|**KB**|**MB**|**GB**::
|
||||
Authoritative directories only. If non-zero, always vote the
|
||||
Fast flag for any relay advertising this amount of capacity or
|
||||
more. (Default: 20 KB)
|
||||
|
||||
**AuthDirGuardBWGuarantee** __N__ **bytes**|**KB**|**MB**|**GB**::
|
||||
Authoritative directories only. If non-zero, this advertised capacity
|
||||
or more is always sufficient to satisfy the bandwidth requirement
|
||||
for the Guard flag. (Default: 250 KB)
|
||||
|
||||
**BridgePassword** __Password__::
|
||||
If set, contains an HTTP authenticator that tells a bridge authority to
|
||||
serve all requested bridge information. Used for debugging. (Default:
|
||||
|
|
|
@ -396,7 +396,7 @@ typedef int socklen_t;
|
|||
|
||||
#ifdef MS_WINDOWS
|
||||
#define tor_socket_t intptr_t
|
||||
#define SOCKET_OK(s) ((s) != INVALID_SOCKET)
|
||||
#define SOCKET_OK(s) ((unsigned)(s) != INVALID_SOCKET)
|
||||
#else
|
||||
#define tor_socket_t int
|
||||
#define SOCKET_OK(s) ((s) >= 0)
|
||||
|
|
|
@ -1698,6 +1698,8 @@ check_private_dir(const char *dirname, cpd_check_t check,
|
|||
struct passwd *pw = NULL;
|
||||
uid_t running_uid;
|
||||
gid_t running_gid;
|
||||
#else
|
||||
(void)effective_user;
|
||||
#endif
|
||||
|
||||
tor_assert(dirname);
|
||||
|
|
|
@ -175,6 +175,8 @@ static config_var_t _option_vars[] = {
|
|||
V(AuthDirBadDir, LINELIST, NULL),
|
||||
V(AuthDirBadExit, LINELIST, NULL),
|
||||
V(AuthDirInvalid, LINELIST, NULL),
|
||||
V(AuthDirFastGuarantee, MEMUNIT, "20 KB"),
|
||||
V(AuthDirGuardBWGuarantee, MEMUNIT, "250 KB"),
|
||||
V(AuthDirReject, LINELIST, NULL),
|
||||
V(AuthDirRejectUnlisted, BOOL, "0"),
|
||||
V(AuthDirListBadDirs, BOOL, "0"),
|
||||
|
@ -3373,6 +3375,12 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
if (ensure_bandwidth_cap(&options->PerConnBWBurst,
|
||||
"PerConnBWBurst", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
|
||||
"AuthDirFastGuarantee", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee,
|
||||
"AuthDirGuardBWGuarantee", msg) < 0)
|
||||
return -1;
|
||||
|
||||
if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
|
||||
options->RelayBandwidthBurst = options->RelayBandwidthRate;
|
||||
|
|
|
@ -446,9 +446,19 @@ assign_onionskin_to_cpuworker(connection_t *cpuworker,
|
|||
{
|
||||
char qbuf[1];
|
||||
char tag[TAG_LEN];
|
||||
time_t now = approx_time();
|
||||
static time_t last_culled_cpuworkers = 0;
|
||||
|
||||
cull_wedged_cpuworkers();
|
||||
spawn_enough_cpuworkers();
|
||||
/* Checking for wedged cpuworkers requires a linear search over all
|
||||
* connections, so let's do it only once a minute.
|
||||
*/
|
||||
#define CULL_CPUWORKERS_INTERVAL 60
|
||||
|
||||
if (last_culled_cpuworkers + CULL_CPUWORKERS_INTERVAL <= now) {
|
||||
cull_wedged_cpuworkers();
|
||||
spawn_enough_cpuworkers();
|
||||
last_culled_cpuworkers = now;
|
||||
}
|
||||
|
||||
if (1) {
|
||||
if (num_cpuworkers_busy == num_cpuworkers) {
|
||||
|
|
|
@ -1692,12 +1692,6 @@ should_generate_v2_networkstatus(void)
|
|||
/** If a router's MTBF is at least this value, then it is always stable.
|
||||
* See above. (Corresponds to about 7 days for current decay rates.) */
|
||||
#define MTBF_TO_GUARANTEE_STABLE (60*60*24*5)
|
||||
/** Similarly, we protect sufficiently fast nodes from being pushed
|
||||
* out of the set of Fast nodes. */
|
||||
#define BANDWIDTH_TO_GUARANTEE_FAST ROUTER_REQUIRED_MIN_BANDWIDTH
|
||||
/** Similarly, every node with sufficient bandwidth can be considered
|
||||
* for Guard status. */
|
||||
#define BANDWIDTH_TO_GUARANTEE_GUARD (250*1024)
|
||||
/** Similarly, every node with at least this much weighted time known can be
|
||||
* considered familiar enough to be a guard. Corresponds to about 20 days for
|
||||
* current decay rates.
|
||||
|
@ -1841,6 +1835,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
|
|||
long *tks;
|
||||
double *mtbfs, *wfus;
|
||||
time_t now = time(NULL);
|
||||
or_options_t *options = get_options();
|
||||
|
||||
/* initialize these all here, in case there are no routers */
|
||||
stable_uptime = 0;
|
||||
|
@ -1910,8 +1905,11 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
|
|||
if (guard_tk > TIME_KNOWN_TO_GUARANTEE_FAMILIAR)
|
||||
guard_tk = TIME_KNOWN_TO_GUARANTEE_FAMILIAR;
|
||||
|
||||
if (fast_bandwidth > BANDWIDTH_TO_GUARANTEE_FAST)
|
||||
fast_bandwidth = BANDWIDTH_TO_GUARANTEE_FAST;
|
||||
/* Protect sufficiently fast nodes from being pushed out of the set
|
||||
* of Fast nodes. */
|
||||
if (options->AuthDirFastGuarantee &&
|
||||
fast_bandwidth > options->AuthDirFastGuarantee)
|
||||
fast_bandwidth = options->AuthDirFastGuarantee;
|
||||
|
||||
/* Now that we have a time-known that 7/8 routers are known longer than,
|
||||
* fill wfus with the wfu of every such "familiar" router. */
|
||||
|
@ -2335,6 +2333,8 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
|
|||
const or_options_t *options = get_options();
|
||||
int unstable_version =
|
||||
!tor_version_as_new_as(ri->platform,"0.1.1.16-rc-cvs");
|
||||
uint32_t routerbw = router_get_advertised_bandwidth(ri);
|
||||
|
||||
memset(rs, 0, sizeof(routerstatus_t));
|
||||
|
||||
rs->is_authority =
|
||||
|
@ -2360,10 +2360,10 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
|
|||
rs->is_valid = ri->is_valid;
|
||||
|
||||
if (rs->is_fast &&
|
||||
(router_get_advertised_bandwidth(ri) >= BANDWIDTH_TO_GUARANTEE_GUARD ||
|
||||
router_get_advertised_bandwidth(ri) >=
|
||||
MIN(guard_bandwidth_including_exits,
|
||||
guard_bandwidth_excluding_exits)) &&
|
||||
((options->AuthDirGuardBWGuarantee &&
|
||||
routerbw >= options->AuthDirGuardBWGuarantee) ||
|
||||
routerbw >= MIN(guard_bandwidth_including_exits,
|
||||
guard_bandwidth_excluding_exits)) &&
|
||||
(options->GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays ||
|
||||
is_router_version_good_for_possible_guard(ri->platform))) {
|
||||
long tk = rep_hist_get_weighted_time_known(
|
||||
|
|
|
@ -728,6 +728,7 @@ nt_service_parse_options(int argc, char **argv, int *should_exit)
|
|||
if ((argc >= 3) &&
|
||||
(!strcmp(argv[1], "-service") || !strcmp(argv[1], "--service"))) {
|
||||
nt_service_loadlibrary();
|
||||
*should_exit = 1;
|
||||
if (!strcmp(argv[2], "install"))
|
||||
return nt_service_install(argc, argv);
|
||||
if (!strcmp(argv[2], "remove"))
|
||||
|
@ -737,7 +738,6 @@ nt_service_parse_options(int argc, char **argv, int *should_exit)
|
|||
if (!strcmp(argv[2], "stop"))
|
||||
return nt_service_cmd_stop();
|
||||
printf("Unrecognized service command '%s'\n", argv[2]);
|
||||
*should_exit = 1;
|
||||
return 1;
|
||||
}
|
||||
if (argc >= 2) {
|
||||
|
|
|
@ -2676,6 +2676,14 @@ typedef struct {
|
|||
* exploitation of CVE-2011-2768 against their clients? */
|
||||
int GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays;
|
||||
|
||||
/** If non-zero, always vote the Fast flag for any relay advertising
|
||||
* this amount of capacity or more. */
|
||||
uint64_t AuthDirFastGuarantee;
|
||||
|
||||
/** If non-zero, this advertised capacity or more is always sufficient
|
||||
* to satisfy the bandwidth requirement for the Guard flag. */
|
||||
uint64_t AuthDirGuardBWGuarantee;
|
||||
|
||||
char *AccountingStart; /**< How long is the accounting interval, and when
|
||||
* does it start? */
|
||||
uint64_t AccountingMax; /**< How many bytes do we allow per accounting
|
||||
|
|
Loading…
Reference in New Issue