instead of looking at raw circuit counts, look at which fraction of
(bandwidth-weighted) paths we're able to build. This approach keeps
clients from building circuits if their paths are likely to stand out
- statistically. Fixes issue 5956.
+ statistically. The default fraction of paths needed is taken from the
+ consensus directory; you can override it with the new
+ PathsNeededToBuildCircuits option. Fixes issue 5956.
things may influence the choice. This option breaks a tie to the
favor of IPv6. (Default: 0)
+**PathsNeededToBuildCircuits** __NUM__::
+ Tor clients don't build circuits for user traffic until they know
+ about enough of the network so that they could potentially construct
+ enough of the possible paths through the network. If this option
+ is set to a fraction between 0.25 and 0.95, Tor won't build circuits
+ until it has enough descriptors or microdescriptors to construct
+ that fraction of possible paths. Note that setting this option too low
+ can make your Tor client less anonymous, and setting it too high can
+ prevent your Tor client from bootstrapping. If this option is negative,
+ Tor will use a default value chosen by the directory
+ authorities. (Default: -1.)
+
SERVER OPTIONS
--------------
V(PathBiasDropGuards, AUTOBOOL, "0"),
V(PathBiasUseCloseCounts, AUTOBOOL, "1"),
+ V(PathsNeededToBuildCircuits, DOUBLE, "-1"),
OBSOLETE("PathlenCoinWeight"),
V(PerConnBWBurst, MEMUNIT, "0"),
V(PerConnBWRate, MEMUNIT, "0"),
return -1;
}
+ if (options->PathsNeededToBuildCircuits >= 0.0) {
+ if (options->PathsNeededToBuildCircuits < 0.25) {
+ log_warn(LD_CONFIG, "PathsNeededToBuildCircuits is too low. Increasing "
+ "to 0.25");
+ options->PathsNeededToBuildCircuits = 0.25;
+ } else if (options->PathsNeededToBuildCircuits < 0.95) {
+ log_warn(LD_CONFIG, "PathsNeededToBuildCircuits is too high. Decreasing "
+ "to 0.95");
+ options->PathsNeededToBuildCircuits = 0.95;
+ }
+ }
+
if (options->MaxClientCircuitsPending <= 0 ||
options->MaxClientCircuitsPending > MAX_MAX_CLIENT_CIRCUITS_PENDING) {
tor_asprintf(msg,
BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
}
+/** Return the fraction of paths needed before we're willing to build
+ * circuits, as configured in <b>options</b>, or in the consensus <b>ns</b>. */
+static double
+get_frac_paths_needed_for_circs(const or_options_t *options,
+ const networkstatus_t *ns)
+{
+#define DFLT_PCT_USABLE_NEEDED 60
+ if (options->PathsNeededToBuildCircuits >= 1.0) {
+ return options->PathsNeededToBuildCircuits;
+ } else {
+ return networkstatus_get_param(ns, "min_paths_for_circs_pct",
+ DFLT_PCT_USABLE_NEEDED,
+ 25, 95)/100.0;
+ }
+}
+
/** Change the value of have_min_dir_info, setting it true iff we have enough
* network and router information to build circuits. Clear the value of
* need_to_update_have_min_dir_info. */
&num_present, &num_usable,
&status);
-/* What fraction of desired paths do we need before we will build circuits? */
-#define FRAC_USABLE_NEEDED .6
-
- if (paths < FRAC_USABLE_NEEDED) {
+ if (paths < get_frac_paths_needed_for_circs(options,consensus)) {
tor_snprintf(dir_info_status, sizeof(dir_info_status),
"We need more %sdescriptors: we have %d/%d, and "
"can only build %02d%% of likely paths. (We have %s.)",
/** Autobool: should we use the ntor handshake if we can? */
int UseNTorHandshake;
+
+ /** Fraction: */
+ double PathsNeededToBuildCircuits;
} or_options_t;
/** Persistent state for an onion router, as saved to disk. */
projects / thirdparty / tor.git / commitdiff
