Add an option to close HS service-side rend circs on timeout

2025-02-23 14:40:51 +01:00 · 2011-12-24 04:55:20 -08:00 · 2011-12-24 04:55:20 -08:00 · 836161c560
commit 836161c560
parent f88c8ca8c9
5 changed files with 18 additions and 2 deletions
--- a/changes/bug1297b
+++ b/changes/bug1297b
@ -14,5 +14,7 @@

    - Don't close hidden-service-side rendezvous circuits when they
      reach the normal circuit-build timeout.  Previously, we would
-      close them.  Fixes the remaining part of bug 1297.
+      close them.  This behaviour change can be disabled using the new
+      CloseHSServiceRendCircuitsImmediatelyOnTimeout option.  Fixes
+      the remaining part of bug 1297.

--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -693,6 +693,14 @@ The following options are useful only for clients (that is, if
    another set of introduction and rendezvous circuits for the same
    destination hidden service will be launched. (Default: 0)

+**CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**::
+    If 1, Tor will close unfinished hidden-service-side rendezvous
+    circuits after the current circuit-build timeout.  Otherwise, such
+    circuits will be left open, in the hope that they will finish
+    connecting to their destinations.  In either case, another
+    rendezvous circuit for the same destination client will be
+    launched. (Default: 0)
+
 **LongLivedPorts** __PORTS__::
    A list of ports for services that tend to have long-running connections
    (e.g. chat and interactive shells). Circuits for streams that use these
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@ -553,7 +553,8 @@ circuit_expire_building(void)
    /* If this is a service-side rendezvous circuit which is far
     * enough along in connecting to its destination, consider sparing
     * it. */
-    if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
+    if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) &&
+        !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
        victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
      log_info(LD_CIRC,"Marking circ %s:%d:%d (state %d:%s, purpose %d) "
               "as timed-out HS circ; relaunching rendezvous attempt.",
--- a/src/or/config.c
+++ b/src/or/config.c
@ -307,6 +307,7 @@ static config_var_t _option_vars[] = {
  V(HSAuthoritativeDir,          BOOL,     "0"),
  OBSOLETE("HSAuthorityRecordStats"),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
+  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
--- a/src/or/or.h
+++ b/src/or/or.h
@ -3066,6 +3066,10 @@ typedef struct {
   * an INTRODUCE1 cell on its way to the service. */
  int CloseHSClientCircuitsImmediatelyOnTimeout;

+  /** Close hidden-service-side rendezvous circuits immediately when
+   * they reach the normal circuit-build timeout. */
+  int CloseHSServiceRendCircuitsImmediatelyOnTimeout;
+
  int ConnLimit; /**< Demanded minimum number of simultaneous connections. */
  int _ConnLimit; /**< Maximum allowed number of simultaneous connections. */
  int RunAsDaemon; /**< If true, run in the background. (Unix only) */