Conflicts:
	src/or/main.c

That is, GETINFO limits/max-mem-in-queues

If we can't detect the physical memory, the new default is 8 GB on
64-bit architectures, and 1 GB on 32-bit architectures.

If we *can* detect the physical memory, the new default is
  CLAMP(256 MB, phys_mem * 0.75, MAX_DFLT)
where MAX_DFLT is 8 GB on 64-bit architectures and 2 GB on 32-bit
architectures.

You can still override the default by hand.  The logic here is simply
trying to choose a lower default value on systems with less than 12 GB
of physical RAM.

Conflicts:
	src/or/circuitbuild.c

Use a per-channel ratelim_t to control the rate at which we report
failures for each channel.

Explain why I picked N=32.

Never return a zero circID.

Thanks to Andrea and to cypherpunks.

George Kadianakis authored 10 years ago and Nick Mathewson committed 10 years ago

Make it clear that a SIGHUP is not the only action that can cause a
config re-read.

George Kadianakis authored 10 years ago and Nick Mathewson committed 10 years ago

Since we need to toggle that element in non-SIGHUP situations too where
the config was re-read (like in SETCONF or RESETCONF).

George Kadianakis authored 10 years ago and Nick Mathewson committed 10 years ago

Instead, figure out if we should restart PT proxies _immediately_ after
we re-read the config file.

This is an "ours" merge, to avoid taking the 0.2.4 version of the

Conflicts:
	src/or/entrynodes.c

Previously we said "Sandbox is not implemented on this platform" on
Linux boxes without libseccomp.  Now we say that you need to build
Tor built with libseccomp. Fixes bug 11543; bugfix on 0.2.5.1-alpha.

Conflicts:
	src/or/channel.h

Fixes a possible root cause of 11553 by only making 64 attempts at
most to pick a circuitID.  Previously, we would test every possible
circuit ID until we found one or ran out.

This algorithm succeeds probabilistically. As the comment says:

  This potentially causes us to give up early if our circuit ID
  space is nearly full.  If we have N circuit IDs in use, then we
  will reject a new circuit with probability (N / max_range) ^
  MAX_CIRCID_ATTEMPTS.  This means that in practice, a few percent
  of our circuit ID capacity will go unused.

  The alternative here, though, is to do a linear search over the
  whole circuit ID space every time we extend a circuit, which is
  not so great either.

This makes new vs old clients distinguishable, so we should try to
batch it with other patches that do that, like 11438.

Fixes the surface behavior of #11553

The server cipher list is (thanks to #11513) chosen systematically to
put the best choices for Tor first.  The client cipher list is chosen
to resemble a browser.  So let's set SSL_OP_CIPHER_SERVER_PREFERENCE
to have the servers pick according to their own preference order.

Fix on fb595922; bug not in any released Tor. Found with
--enable-expensive-hardening.