Loading changes/ticket24308 0 → 100644 +6 −0 Original line number Diff line number Diff line o Minor features (denial-of-service memory limiter): - Allow the user to configure even lower values for the MaxMemInQueues parameter. Relays now enforce a minimum of 64 MB, when previously the minimum was 256 MB. On clients, there is no minimum. Relays and clients will both warn if the value is set so low that Tor is likely to stop working. Closes ticket 24308. src/app/config/config.c +21 −4 Original line number Diff line number Diff line Loading @@ -4585,6 +4585,9 @@ options_validate(or_options_t *old_options, or_options_t *options, STATIC uint64_t compute_real_max_mem_in_queues(const uint64_t val, bool is_server) { #define MIN_SERVER_MB 64 #define MIN_UNWARNED_SERVER_MB 256 #define MIN_UNWARNED_CLIENT_MB 64 uint64_t result; if (val == 0) { Loading Loading @@ -4650,10 +4653,24 @@ compute_real_max_mem_in_queues(const uint64_t val, bool is_server) notice_sent = 1; } return result; } else if (val < ONE_GIGABYTE / 4) { log_warn(LD_CONFIG, "MaxMemInQueues must be at least 256 MB for now. " "Ideally, have it as large as you can afford."); return ONE_GIGABYTE / 4; } else if (is_server && val < ONE_MEGABYTE * MIN_SERVER_MB) { /* We can't configure less than this much on a server. */ log_warn(LD_CONFIG, "MaxMemInQueues must be at least %d MB on servers " "for now. Ideally, have it as large as you can afford.", MIN_SERVER_MB); return MIN_SERVER_MB * ONE_MEGABYTE; } else if (is_server && val < ONE_MEGABYTE * MIN_UNWARNED_SERVER_MB) { /* On a server, if it's less than this much, we warn that things * may go badly. */ log_warn(LD_CONFIG, "MaxMemInQueues is set to a low value; if your " "relay doesn't work, this may be the reason why."); return val; } else if (! is_server && val < ONE_MEGABYTE * MIN_UNWARNED_CLIENT_MB) { /* On a client, if it's less than this much, we warn that things * may go badly. */ log_warn(LD_CONFIG, "MaxMemInQueues is set to a low value; if your " "client doesn't work, this may be the reason why."); return val; } else { /* The value was fine all along */ return val; Loading Loading
changes/ticket24308 0 → 100644 +6 −0 Original line number Diff line number Diff line o Minor features (denial-of-service memory limiter): - Allow the user to configure even lower values for the MaxMemInQueues parameter. Relays now enforce a minimum of 64 MB, when previously the minimum was 256 MB. On clients, there is no minimum. Relays and clients will both warn if the value is set so low that Tor is likely to stop working. Closes ticket 24308.
src/app/config/config.c +21 −4 Original line number Diff line number Diff line Loading @@ -4585,6 +4585,9 @@ options_validate(or_options_t *old_options, or_options_t *options, STATIC uint64_t compute_real_max_mem_in_queues(const uint64_t val, bool is_server) { #define MIN_SERVER_MB 64 #define MIN_UNWARNED_SERVER_MB 256 #define MIN_UNWARNED_CLIENT_MB 64 uint64_t result; if (val == 0) { Loading Loading @@ -4650,10 +4653,24 @@ compute_real_max_mem_in_queues(const uint64_t val, bool is_server) notice_sent = 1; } return result; } else if (val < ONE_GIGABYTE / 4) { log_warn(LD_CONFIG, "MaxMemInQueues must be at least 256 MB for now. " "Ideally, have it as large as you can afford."); return ONE_GIGABYTE / 4; } else if (is_server && val < ONE_MEGABYTE * MIN_SERVER_MB) { /* We can't configure less than this much on a server. */ log_warn(LD_CONFIG, "MaxMemInQueues must be at least %d MB on servers " "for now. Ideally, have it as large as you can afford.", MIN_SERVER_MB); return MIN_SERVER_MB * ONE_MEGABYTE; } else if (is_server && val < ONE_MEGABYTE * MIN_UNWARNED_SERVER_MB) { /* On a server, if it's less than this much, we warn that things * may go badly. */ log_warn(LD_CONFIG, "MaxMemInQueues is set to a low value; if your " "relay doesn't work, this may be the reason why."); return val; } else if (! is_server && val < ONE_MEGABYTE * MIN_UNWARNED_CLIENT_MB) { /* On a client, if it's less than this much, we warn that things * may go badly. */ log_warn(LD_CONFIG, "MaxMemInQueues is set to a low value; if your " "client doesn't work, this may be the reason why."); return val; } else { /* The value was fine all along */ return val; Loading