From 5dca9487c422f06a056711591c3f8f4344fd075f Mon Sep 17 00:00:00 2001 From: teor Date: Wed, 9 Nov 2016 11:15:48 +1100 Subject: [PATCH 1/2] Call get_options() once at the top of circuit_log_ancient_one_hop_circuits() Refactoring, no behaviour change. --- src/or/circuituse.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/or/circuituse.c b/src/or/circuituse.c index f34470333..18cd7e3a5 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -797,6 +797,7 @@ circuit_log_ancient_one_hop_circuits(int age) time_t cutoff = now - age; int n_found = 0; smartlist_t *log_these = smartlist_new(); + const or_options_t *options = get_options(); SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) { const origin_circuit_t *ocirc; @@ -839,7 +840,7 @@ circuit_log_ancient_one_hop_circuits(int age) tor_asprintf(&dirty, "Dirty since %s (%ld seconds vs %ld-second cutoff)", dirty_since, (long)(now - circ->timestamp_dirty), - (long) get_options()->MaxCircuitDirtiness); + (long) options->MaxCircuitDirtiness); } else { dirty = tor_strdup("Not marked dirty"); } From 0ec94588ab4e83dbc8d405dc780139cd3e596880 Mon Sep 17 00:00:00 2001 From: teor Date: Wed, 9 Nov 2016 11:22:08 +1100 Subject: [PATCH 2/2] Stop logging single onion and Tor2web long-term one-hop circuits Single onion services and Tor2web deliberately create long-term one-hop circuits to their intro and rend points, respectively. These log messages are intended to diagnose issue 8387, which relates to circuits hanging around forever for no reason. Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly". --- changes/bug20613 | 6 ++++++ src/or/circuituse.c | 15 +++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 changes/bug20613 diff --git a/changes/bug20613 b/changes/bug20613 new file mode 100644 index 000000000..19bb61f4e --- /dev/null +++ b/changes/bug20613 @@ -0,0 +1,6 @@ + o Minor bugfixes (single onion services, Tor2web): + - Stop logging long-term one-hop circuits deliberately created by single + onion services and Tor2web. These log messages are intended to diagnose + issue 8387, which relates to circuits hanging around forever for no + reason. + Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly". diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 18cd7e3a5..84574cd5b 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -788,6 +788,8 @@ static time_t last_expired_clientside_circuits = 0; * As a diagnostic for bug 8387, log information about how many one-hop * circuits we have around that have been there for at least age * seconds. Log a few of them. + * Ignores Single Onion Service intro and Tor2web redezvous circuits, they are + * expected to be long-term one-hop circuits. */ void circuit_log_ancient_one_hop_circuits(int age) @@ -805,6 +807,19 @@ circuit_log_ancient_one_hop_circuits(int age) continue; if (circ->timestamp_created.tv_sec >= cutoff) continue; + /* Single Onion Services deliberately make long term one-hop intro + * connections. We only ignore active intro point connections, if we take + * a long time establishing, that's worth logging. */ + if (rend_service_allow_non_anonymous_connection(options) && + circ->purpose == CIRCUIT_PURPOSE_S_INTRO) + continue; + /* Tor2web deliberately makes long term one-hop rend connections, + * particularly when Tor2webRendezvousPoints is used. We only ignore + * active rend point connections, if we take a long time to rendezvous, + * that's worth logging. */ + if (rend_client_allow_non_anonymous_connection(options) && + circ->purpose == CIRCUIT_PURPOSE_C_REND_JOINED) + continue; ocirc = CONST_TO_ORIGIN_CIRCUIT(circ); if (ocirc->build_state && ocirc->build_state->onehop_tunnel) {