Facility to retroactively apply changed configuration limits to onion service circuits
As implemented today, calling reconfigure
on an OnionService
or OnionServiceReverseProxy
doesn't close any existing streams or circuits.
But if, for example, the service administrator lowers max_concurrent_streams_per_circuit
(see #1124 (closed)) or changes a port configuration so that a given port is no longer proxied, it's possible that we might want to close the streams that would no longer be allowed by the current rules.
(This question has a bit of history with C Tor: IIUC, some service admins are surprised if no-longer-configured streams get closed suddenly, and some are surprised if they don't.)
If we do decide that we need a "retroactively enforce new limits" facility, I think at a lower level it would make sense to build it as a function that you'd call on OnionService
or OnionServiceReverseProxy
after having called reconfigure
. I am not too sure what we would want the higher level interface to look like.
Also, IMO this question is emphatically not a must-answer for releasing onion services, unless we decide that the current behavior is 100% unacceptable always.