dirauth: Resume sending 503 directory error code
authorDavid Goulet <dgoulet@torproject.org>
Tue, 28 Jan 2020 14:39:09 +0000 (09:39 -0500)
committerDavid Goulet <dgoulet@torproject.org>
Tue, 11 Feb 2020 14:58:28 +0000 (09:58 -0500)
Authorities were never sending back 503 error code because by design they
should be able to always answer directory requests regardless of bandwidth
capacity.

However, that recently backfired because of a large number of requests from an
unknown source using the DirPort that are _not_ getting their 503 code, which
overloaded the DirPort and left the authority unable to answer its fellow
authorities.

This is not a complete solution to the problem but it will help ease off the
load on the authority side by sending back 503 codes *unless* the connection
is from a known relay or an authority.

Fixes #33029

Signed-off-by: David Goulet <dgoulet@torproject.org>
changes/ticket33029 [new file with mode: 0644]
src/core/mainloop/connection.c

diff --git a/changes/ticket33029 b/changes/ticket33029
new file mode 100644 (file)
index 0000000..c32ee4a
--- /dev/null
@@ -0,0 +1,5 @@
+  o Major bugfixes (directory authority):
+    - Directory authorities will now send a 503 (not enough bandwidth) code to
+      clients when under bandwidth pressure. Known relays and other authorities
+      will always be answered regardless of the bandwidth situation. Fixes bug
+      33029; bugfix on 0.1.2.5-alpha.
index a157c0f3fbccd3aca5ca678508c0d0a3fb50239e..50cd3810a46202d40f7d5dd87e00ccce161b414f 100644 (file)
@@ -3211,8 +3211,21 @@ connection_dir_is_global_write_low(const connection_t *conn, size_t attempt)
   size_t smaller_bucket =
     MIN(token_bucket_rw_get_write(&global_bucket),
         token_bucket_rw_get_write(&global_relayed_bucket));
-  if (authdir_mode(get_options()))
-    return false; /* there's always room to answer v2 if we're an auth dir */
+
+  /* Special case for authorities (directory only). */
+  if (authdir_mode_v3(get_options())) {
+    /* Are we configured to possibly reject requests under load? */
+    if (!get_options()->AuthDirRejectRequestsUnderLoad) {
+      /* Answer request no matter what. */
+      return false;
+    }
+    /* Always answer requests from a known relay which includes the other
+     * authorities. The following looks up the addresses for relays that we
+     * have their descriptor _and_ any configured trusted directories. */
+    if (nodelist_probably_contains_address(&conn->addr)) {
+      return false;
+    }
+  }
 
   if (!connection_is_rate_limited(conn))
     return false; /* local conns don't get limited */
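Review bot: The relay exemption at `if (nodelist_probably_contains_address(&conn->addr))` decides on the peer's source address alone, and the helper's name suggests an approximate membership test, so it works as a best-effort load-shedding filter and not as a check of who the peer is. The comment above it should say so, for example `/* Best-effort: matched by source address only (lookup may be approximate), so any client on a listed address is exempt too. */`. Separately, replacing `authdir_mode()` with `authdir_mode_v3()` means an authority that is not a v3 directory authority no longer takes the early `return false` and falls through to the rate-limit checks below even when `AuthDirRejectRequestsUnderLoad` is unset; if that is intended, the `/* Special case for authorities (directory only). */` comment and the changes entry should state it. The body of connection_dir_is_global_write_low starts before and continues after this hunk.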