|
|
@@ -54,7 +54,7 @@ static uint32_t param_introduce_defense_enabled =
|
|
|
HS_DOS_INTRODUCE_ENABLED_DEFAULT;
|
|
|
|
|
|
static uint32_t
|
|
|
-get_param_intro_dos_enabled(const networkstatus_t *ns)
|
|
|
+get_intro2_enable_consensus_param(const networkstatus_t *ns)
|
|
|
{
|
|
|
return networkstatus_get_param(ns, "HiddenServiceEnableIntroDoSDefense",
|
|
|
HS_DOS_INTRODUCE_ENABLED_DEFAULT, 0, 1);
|
|
|
@@ -62,7 +62,7 @@ get_param_intro_dos_enabled(const networkstatus_t *ns)
|
|
|
|
|
|
/* Return the parameter for the introduction rate per sec. */
|
|
|
static uint32_t
|
|
|
-get_param_rate_per_sec(const networkstatus_t *ns)
|
|
|
+get_intro2_rate_consensus_param(const networkstatus_t *ns)
|
|
|
{
|
|
|
return networkstatus_get_param(ns, "HiddenServiceEnableIntroDoSRatePerSec",
|
|
|
HS_DOS_INTRODUCE_DEFAULT_CELL_RATE_PER_SEC,
|
|
|
@@ -71,7 +71,7 @@ get_param_rate_per_sec(const networkstatus_t *ns)
|
|
|
|
|
|
/* Return the parameter for the introduction burst per sec. */
|
|
|
static uint32_t
|
|
|
-get_param_burst_per_sec(const networkstatus_t *ns)
|
|
|
+get_intro2_burst_consensus_param(const networkstatus_t *ns)
|
|
|
{
|
|
|
return networkstatus_get_param(ns, "HiddenServiceEnableIntroDoSBurstPerSec",
|
|
|
HS_DOS_INTRODUCE_DEFAULT_CELL_BURST_PER_SEC,
|
|
|
@@ -90,8 +90,8 @@ update_intro_circuits(void)
|
|
|
SMARTLIST_FOREACH_BEGIN(intro_circs, circuit_t *, circ) {
|
|
|
/* Adjust the rate/burst value that might have changed. */
|
|
|
token_bucket_ctr_adjust(&TO_OR_CIRCUIT(circ)->introduce2_bucket,
|
|
|
- hs_dos_get_intro2_rate_param(),
|
|
|
- hs_dos_get_intro2_burst_param());
|
|
|
+ param_introduce_rate_per_sec,
|
|
|
+ param_introduce_burst_per_sec);
|
|
|
} SMARTLIST_FOREACH_END(circ);
|
|
|
|
|
|
smartlist_free(intro_circs);
|
|
|
@@ -101,9 +101,9 @@ update_intro_circuits(void)
|
|
|
static void
|
|
|
set_consensus_parameters(const networkstatus_t *ns)
|
|
|
{
|
|
|
- param_introduce_rate_per_sec = get_param_rate_per_sec(ns);
|
|
|
- param_introduce_burst_per_sec = get_param_burst_per_sec(ns);
|
|
|
- param_introduce_defense_enabled = get_param_intro_dos_enabled(ns);
|
|
|
+ param_introduce_rate_per_sec = get_intro2_rate_consensus_param(ns);
|
|
|
+ param_introduce_burst_per_sec = get_intro2_burst_consensus_param(ns);
|
|
|
+ param_introduce_defense_enabled = get_intro2_enable_consensus_param(ns);
|
|
|
|
|
|
/* The above might have changed which means we need to go through all
|
|
|
* introduction circuits (relay side) and update the token buckets. */
|
|
|
@@ -143,10 +143,10 @@ hs_dos_setup_default_intro2_defenses(or_circuit_t *circ)
|
|
|
{
|
|
|
tor_assert(circ);
|
|
|
|
|
|
- circ->introduce2_dos_defense_enabled = get_param_intro_dos_enabled(NULL);
|
|
|
+ circ->introduce2_dos_defense_enabled = param_introduce_defense_enabled;
|
|
|
token_bucket_ctr_init(&circ->introduce2_bucket,
|
|
|
- get_param_rate_per_sec(NULL),
|
|
|
- get_param_burst_per_sec(NULL),
|
|
|
+ param_introduce_rate_per_sec,
|
|
|
+ param_introduce_burst_per_sec,
|
|
|
(uint32_t) approx_time());
|
|
|
}
|
|
|
|
David Goulet