Browse Source

Stop logging single onion and Tor2web long-term one-hop circuits

Single onion services and Tor2web deliberately create long-term one-hop
circuits to their intro and rend points, respectively.

These log messages are intended to diagnose issue 8387, which relates to
circuits hanging around forever for no reason.

Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly".
teor 7 years ago
parent
commit
0ec94588ab
2 changed files with 21 additions and 0 deletions
  1. 6 0
      changes/bug20613
  2. 15 0
      src/or/circuituse.c

+ 6 - 0
changes/bug20613

@@ -0,0 +1,6 @@
+  o Minor bugfixes (single onion services, Tor2web):
+    - Stop logging long-term one-hop circuits deliberately created by single
+      onion services and Tor2web. These log messages are intended to diagnose
+      issue 8387, which relates to circuits hanging around forever for no
+      reason.
+      Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly".

+ 15 - 0
src/or/circuituse.c

@@ -788,6 +788,8 @@ static time_t last_expired_clientside_circuits = 0;
  * As a diagnostic for bug 8387, log information about how many one-hop
  * circuits we have around that have been there for at least <b>age</b>
  * seconds. Log a few of them.
+ * Ignores Single Onion Service intro and Tor2web redezvous circuits, they are
+ * expected to be long-term one-hop circuits.
  */
 void
 circuit_log_ancient_one_hop_circuits(int age)
@@ -805,6 +807,19 @@ circuit_log_ancient_one_hop_circuits(int age)
       continue;
     if (circ->timestamp_created.tv_sec >= cutoff)
       continue;
+    /* Single Onion Services deliberately make long term one-hop intro
+     * connections. We only ignore active intro point connections, if we take
+     * a long time establishing, that's worth logging. */
+    if (rend_service_allow_non_anonymous_connection(options) &&
+        circ->purpose == CIRCUIT_PURPOSE_S_INTRO)
+      continue;
+    /* Tor2web deliberately makes long term one-hop rend connections,
+     * particularly when Tor2webRendezvousPoints is used. We only ignore
+     * active rend point connections, if we take a long time to rendezvous,
+     * that's worth logging. */
+    if (rend_client_allow_non_anonymous_connection(options) &&
+        circ->purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
+      continue;
     ocirc = CONST_TO_ORIGIN_CIRCUIT(circ);
 
     if (ocirc->build_state && ocirc->build_state->onehop_tunnel) {