Merge branch 'maint-0.2.2' into release-0.2.2

2011-11-21 19:18:09 -05:00 · 2011-11-21 19:18:09 -05:00 · 3f41df3005
parent 8955b25fc1 97a209ea28
commit 3f41df3005
12 changed files with 74 additions and 16 deletions
--- a/changes/bug3963
+++ b/changes/bug3963
@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - When configuring, starting, or stopping an NT service, stop
+      immediately after the service configuration attempt has succeeded
+      or failed. Fixes bug3963; bugfix on 0.2.0.7-alpha.
+
--- a/changes/bug4518
+++ b/changes/bug4518
@ -0,0 +1,4 @@
+  o Minor bugfixes (performance):
+    - Avoid frequent calls to the fairly expensive cull_wedged_cpuworkers
+      function. This was eating up hideously large amounts of time on some
+      busy servers. Fixes bug 4518.
--- a/changes/bug4521
+++ b/changes/bug4521
@ -0,0 +1,3 @@
+  o Minor bugfixes:
+    - Backport fixes for a pair of compilation warnings on Windows.
+      Fixes bug 4521; bugfix on 0.2.2.28-beta and on 0.2.2.29-beta.
--- a/changes/feature4484
+++ b/changes/feature4484
@ -0,0 +1,8 @@
+  o Minor features:
+    - Add two new config options for directory authorities:
+      AuthDirFastGuarantee sets a bandwidth threshold for guaranteeing the
+      Fast flag, and AuthDirGuardBWGuarantee sets a bandwidth threshold
+      that is always sufficient to satisfy the bandwidth requirement for
+      the Guard flag. Now it will be easier for researchers to simulate
+      Tor networks with different values. Resolves ticket 4484.
+
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -1284,6 +1284,16 @@ DIRECTORY AUTHORITY SERVER OPTIONS
    Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies
    to addresses shared with directory authorities. (Default: 5)

+**AuthDirFastGuarantee** __N__ **bytes**|**KB**|**MB**|**GB**::
+    Authoritative directories only. If non-zero, always vote the
+    Fast flag for any relay advertising this amount of capacity or
+    more. (Default: 20 KB)
+
+**AuthDirGuardBWGuarantee** __N__ **bytes**|**KB**|**MB**|**GB**::
+    Authoritative directories only. If non-zero, this advertised capacity
+    or more is always sufficient to satisfy the bandwidth requirement
+    for the Guard flag. (Default: 250 KB)
+
 **BridgePassword** __Password__::
    If set, contains an HTTP authenticator that tells a bridge authority to
    serve all requested bridge information.  Used for debugging.  (Default:
--- a/src/common/compat.h
+++ b/src/common/compat.h
@ -396,7 +396,7 @@ typedef int socklen_t;

 #ifdef MS_WINDOWS
 #define tor_socket_t intptr_t
-#define SOCKET_OK(s) ((s) != INVALID_SOCKET)
+#define SOCKET_OK(s) ((unsigned)(s) != INVALID_SOCKET)
 #else
 #define tor_socket_t int
 #define SOCKET_OK(s) ((s) >= 0)
--- a/src/common/util.c
+++ b/src/common/util.c
@ -1698,6 +1698,8 @@ check_private_dir(const char *dirname, cpd_check_t check,
  struct passwd *pw = NULL;
  uid_t running_uid;
  gid_t running_gid;
+#else
+  (void)effective_user;
 #endif

  tor_assert(dirname);
--- a/src/or/config.c
+++ b/src/or/config.c
@ -175,6 +175,8 @@ static config_var_t _option_vars[] = {
  V(AuthDirBadDir,               LINELIST, NULL),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirInvalid,              LINELIST, NULL),
+  V(AuthDirFastGuarantee,        MEMUNIT,  "20 KB"),
+  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
@ -3373,6 +3375,12 @@ options_validate(or_options_t *old_options, or_options_t *options,
  if (ensure_bandwidth_cap(&options->PerConnBWBurst,
                           "PerConnBWBurst", msg) < 0)
    return -1;
+  if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
+                           "AuthDirFastGuarantee", msg) < 0)
+    return -1;
+  if (ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee,
+                           "AuthDirGuardBWGuarantee", msg) < 0)
+    return -1;

  if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
    options->RelayBandwidthBurst = options->RelayBandwidthRate;
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@ -446,9 +446,19 @@ assign_onionskin_to_cpuworker(connection_t *cpuworker,
 {
  char qbuf[1];
  char tag[TAG_LEN];
+  time_t now = approx_time();
+  static time_t last_culled_cpuworkers = 0;

-  cull_wedged_cpuworkers();
-  spawn_enough_cpuworkers();
+  /* Checking for wedged cpuworkers requires a linear search over all
+   * connections, so let's do it only once a minute.
+   */
+#define CULL_CPUWORKERS_INTERVAL 60
+
+  if (last_culled_cpuworkers + CULL_CPUWORKERS_INTERVAL <= now) {
+    cull_wedged_cpuworkers();
+    spawn_enough_cpuworkers();
+    last_culled_cpuworkers = now;
+  }

  if (1) {
    if (num_cpuworkers_busy == num_cpuworkers) {
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@ -1692,12 +1692,6 @@ should_generate_v2_networkstatus(void)
 /** If a router's MTBF is at least this value, then it is always stable.
 * See above.  (Corresponds to about 7 days for current decay rates.) */
 #define MTBF_TO_GUARANTEE_STABLE (60*60*24*5)
-/** Similarly, we protect sufficiently fast nodes from being pushed
- * out of the set of Fast nodes. */
-#define BANDWIDTH_TO_GUARANTEE_FAST ROUTER_REQUIRED_MIN_BANDWIDTH
-/** Similarly, every node with sufficient bandwidth can be considered
- * for Guard status. */
-#define BANDWIDTH_TO_GUARANTEE_GUARD (250*1024)
 /** Similarly, every node with at least this much weighted time known can be
 * considered familiar enough to be a guard.  Corresponds to about 20 days for
 * current decay rates.
@ -1841,6 +1835,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
  long *tks;
  double *mtbfs, *wfus;
  time_t now = time(NULL);
+  or_options_t *options = get_options();

  /* initialize these all here, in case there are no routers */
  stable_uptime = 0;
@ -1910,8 +1905,11 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
  if (guard_tk > TIME_KNOWN_TO_GUARANTEE_FAMILIAR)
    guard_tk = TIME_KNOWN_TO_GUARANTEE_FAMILIAR;

-  if (fast_bandwidth > BANDWIDTH_TO_GUARANTEE_FAST)
-    fast_bandwidth = BANDWIDTH_TO_GUARANTEE_FAST;
+  /* Protect sufficiently fast nodes from being pushed out of the set
+   * of Fast nodes. */
+  if (options->AuthDirFastGuarantee &&
+      fast_bandwidth > options->AuthDirFastGuarantee)
+    fast_bandwidth = options->AuthDirFastGuarantee;

  /* Now that we have a time-known that 7/8 routers are known longer than,
   * fill wfus with the wfu of every such "familiar" router. */
@ -2335,6 +2333,8 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
  const or_options_t *options = get_options();
  int unstable_version =
    !tor_version_as_new_as(ri->platform,"0.1.1.16-rc-cvs");
+  uint32_t routerbw = router_get_advertised_bandwidth(ri);
+
  memset(rs, 0, sizeof(routerstatus_t));

  rs->is_authority =
@ -2360,10 +2360,10 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
  rs->is_valid = ri->is_valid;

  if (rs->is_fast &&
-      (router_get_advertised_bandwidth(ri) >= BANDWIDTH_TO_GUARANTEE_GUARD ||
-       router_get_advertised_bandwidth(ri) >=
-                              MIN(guard_bandwidth_including_exits,
-                                  guard_bandwidth_excluding_exits)) &&
+      ((options->AuthDirGuardBWGuarantee &&
+        routerbw >= options->AuthDirGuardBWGuarantee) ||
+       routerbw >= MIN(guard_bandwidth_including_exits,
+                       guard_bandwidth_excluding_exits)) &&
      (options->GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays ||
       is_router_version_good_for_possible_guard(ri->platform))) {
    long tk = rep_hist_get_weighted_time_known(
--- a/src/or/ntmain.c
+++ b/src/or/ntmain.c
@ -728,6 +728,7 @@ nt_service_parse_options(int argc, char **argv, int *should_exit)
  if ((argc >= 3) &&
      (!strcmp(argv[1], "-service") || !strcmp(argv[1], "--service"))) {
    nt_service_loadlibrary();
+    *should_exit = 1;
    if (!strcmp(argv[2], "install"))
      return nt_service_install(argc, argv);
    if (!strcmp(argv[2], "remove"))
@ -737,7 +738,6 @@ nt_service_parse_options(int argc, char **argv, int *should_exit)
    if (!strcmp(argv[2], "stop"))
      return nt_service_cmd_stop();
    printf("Unrecognized service command '%s'\n", argv[2]);
-    *should_exit = 1;
    return 1;
  }
  if (argc >= 2) {
--- a/src/or/or.h
+++ b/src/or/or.h
@ -2676,6 +2676,14 @@ typedef struct {
   * exploitation of CVE-2011-2768 against their clients? */
  int GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays;

+  /** If non-zero, always vote the Fast flag for any relay advertising
+   * this amount of capacity or more. */
+  uint64_t AuthDirFastGuarantee;
+
+  /** If non-zero, this advertised capacity or more is always sufficient
+   * to satisfy the bandwidth requirement for the Guard flag. */
+  uint64_t AuthDirGuardBWGuarantee;
+
  char *AccountingStart; /**< How long is the accounting interval, and when
                          * does it start? */
  uint64_t AccountingMax; /**< How many bytes do we allow per accounting