Add an option to close HS service-side rend circs on timeout

changes/bug1297b

@@ -14,5 +14,7 @@
 
     - Don't close hidden-service-side rendezvous circuits when they
       reach the normal circuit-build timeout.  Previously, we would
-      close them.  Fixes the remaining part of bug 1297.
+      close them.  This behaviour change can be disabled using the new
+      CloseHSServiceRendCircuitsImmediatelyOnTimeout option.  Fixes
+      the remaining part of bug 1297.
 

doc/tor.1.txt

@@ -693,6 +693,14 @@ The following options are useful only for clients (that is, if
     another set of introduction and rendezvous circuits for the same
     destination hidden service will be launched. (Default: 0)
 
+**CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**::
+    If 1, Tor will close unfinished hidden-service-side rendezvous
+    circuits after the current circuit-build timeout.  Otherwise, such
+    circuits will be left open, in the hope that they will finish
+    connecting to their destinations.  In either case, another
+    rendezvous circuit for the same destination client will be
+    launched. (Default: 0)
+
 **LongLivedPorts** __PORTS__::
     A list of ports for services that tend to have long-running connections
     (e.g. chat and interactive shells). Circuits for streams that use these

src/or/circuituse.c

@@ -553,7 +553,8 @@ circuit_expire_building(void)
     /* If this is a service-side rendezvous circuit which is far
      * enough along in connecting to its destination, consider sparing
      * it. */
-    if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
+    if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) &&
+        !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
         victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
       log_info(LD_CIRC,"Marking circ %s:%d:%d (state %d:%s, purpose %d) "
                "as timed-out HS circ; relaunching rendezvous attempt.",

src/or/config.c

@@ -307,6 +307,7 @@ static config_var_t _option_vars[] = {
   V(HSAuthoritativeDir,          BOOL,     "0"),
   OBSOLETE("HSAuthorityRecordStats"),
   V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
+  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
   V(HTTPProxy,                   STRING,   NULL),
   V(HTTPProxyAuthenticator,      STRING,   NULL),
   V(HTTPSProxy,                  STRING,   NULL),

src/or/or.h

@@ -3066,6 +3066,10 @@ typedef struct {
    * an INTRODUCE1 cell on its way to the service. */
   int CloseHSClientCircuitsImmediatelyOnTimeout;
 
+  /** Close hidden-service-side rendezvous circuits immediately when
+   * they reach the normal circuit-build timeout. */
+  int CloseHSServiceRendCircuitsImmediatelyOnTimeout;
+
   int ConnLimit; /**< Demanded minimum number of simultaneous connections. */
   int _ConnLimit; /**< Maximum allowed number of simultaneous connections. */
   int RunAsDaemon; /**< If true, run in the background. (Unix only) */