Ticket33072 043 01 #1698
Closed
Ticket33072 043 01 #1698
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pull Request Test Coverage Report for Build 7928
💛 - Coveralls |
That function is only used to test the global bucket write limit for a directory connection. It should _not_ be used for anything else since that function looks to see if we are a directory authority. Rename it to something more meaningful. No change in behavior at this commit, only renaming. Part of #33029 Signed-off-by: David Goulet <dgoulet@torproject.org>
…_low() Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: David Goulet <dgoulet@torproject.org>
We separate v4 and v6 because we often use an IPv4 address represented with a uint32_t instead of a tor_addr_t. This will be used to also add the trusted directory addresses taken from the configuration. The trusted directories from the consensus are already added to the address set from their descriptor. Signed-off-by: David Goulet <dgoulet@torproject.org>
The configured, within the torrc or hardcoded, directory authorities addresses are now added to the nodelist address set. Signed-off-by: David Goulet <dgoulet@torproject.org>
Authorities were never sending back 503 error code because by design they should be able to always answer directory requests regardless of bandwidth capacity. However, that recently backfired because of a large number of requests from unknown source using the DirPort that are _not_ getting their 503 code which overloaded the DirPort leading to the authority to be unable to answer to its fellow authorities. This is not a complete solution to the problem but it will help ease off the load on the authority side by sending back 503 codes *unless* the connection is from a known relay or an authority. Fixes #33029 Signed-off-by: David Goulet <dgoulet@torproject.org>
This controls the previous feature added that makes dirauth send back a 503 error code on non relay connections if under bandwidth pressure. Signed-off-by: David Goulet <dgoulet@torproject.org>
Part of #33029 Signed-off-by: David Goulet <dgoulet@torproject.org>
Fixes #33072 Signed-off-by: David Goulet <dgoulet@torproject.org>
dgoulet-tor
force-pushed
the
ticket33072_043_01
branch
from
9c7327a
to
f8e633a
Compare
armadev
reviewed
Feb 1, 2020
src/core/mainloop/connection.c
Outdated
| @@ -3277,8 +3277,11 @@ connection_bucket_write_limit(connection_t *conn, time_t now) | |||
| * shouldn't send <b>attempt</b> bytes of low-priority directory stuff | |||
| * out to <b>conn</b>. | |||
| * | |||
| * If we are a directory authority, always answer dir requests thus true is | |||
| * always returned. | |||
| * If we are are a directory authority, true is returned (indicating that we | |||
armadev
reviewed
Feb 1, 2020
| * If we are a directory authority, always answer dir requests thus true is | ||
| * always returned. | ||
| * If we are are a directory authority, true is returned (indicating that we | ||
| * should answer the request) if one of these conditions is met: |
There was a problem hiding this comment.
Careful -- 'true' indicates that we should not answer the request. This is part of the confusion we have from calling our option RejectUnderLoad and then having this function check if we're too loaded. It's hard to count the right number of negatives. Maybe we'll be happier long-term having the function be called "have-enough-room-to-answer" and inverting everything.
There was a problem hiding this comment.
Indeed, s/true/false/g in that sentence. Fixed.
This also adds the support for the option meaning, if set, every uncompressed directory requests will be served by the dirauth with a 503 error code. Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: David Goulet <dgoulet@torproject.org>
ghost
closed this
ghost
deleted the branch
This pull request was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.