git.ipfire.org Git - thirdparty/tor.git/commit

author	Nick Mathewson <nickm@torproject.org>
	Tue, 19 Feb 2013 23:29:17 +0000 (18:29 -0500)
committer	Nick Mathewson <nickm@torproject.org>
	Tue, 19 Feb 2013 23:29:17 +0000 (18:29 -0500)
commit	62fb209d837f3f5510075ef8bdb6e231ebdfa9bc
tree	5cac02bf416adc7cd9c5bb3f0b219d6c6bdb966d	tree \| snapshot
parent	337e32f5b8f5f3b310da20bf0135f17d06efb3ab	commit \| diff

Stop frobbing timestamp_dirty as our sole means to mark circuits unusable

In a number of places, we decrement timestamp_dirty by
MaxCircuitDirtiness in order to mark a stream as "unusable for any
new connections.

This pattern sucks for a few reasons:
  * It is nonobvious.
  * It is error-prone: decrementing 0 can be a bad choice indeed.
  * It really wants to have a function.

It can also introduce bugs if the system time jumps backwards, or if
MaxCircuitDirtiness is increased.

So in this patch, I add an unusable_for_new_conns flag to
origin_circuit_t, make it get checked everywhere it should (I looked
for things that tested timestamp_dirty), and add a new function to
frob it.

For now, the new function does still frob timestamp_dirty (after
checking for underflow and whatnot), in case I missed any cases that
should be checking unusable_for_new_conns.

Fixes bug 6174. We first used this pattern in 516ef41ac1fd26f338c,
which I think was in 0.0.2pre26 (but it could have been 0.0.2pre27).

changes/bug6174	[new file with mode: 0644]	blob
src/or/circuitlist.c		diff \| blob \| blame \| history
src/or/circuituse.c		diff \| blob \| blame \| history
src/or/circuituse.h		diff \| blob \| blame \| history
src/or/connection_edge.c		diff \| blob \| blame \| history
src/or/or.h		diff \| blob \| blame \| history
src/or/relay.c		diff \| blob \| blame \| history