r16194@catbus: nickm | 2007-10-26 18:37:02 -0400

 Keep circuitless TLS connections open for 1.5 x MaxCircuitDirtiness: this ensures that we don't thrash closing and repoening connections to our guards.


svn:r12218

4 files changed, 20 insertions, 6 deletions

diff --git a/ChangeLog b/ChangeLog
index a9d1b5d97..e2b364c7e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,12 @@ Changes in version 0.2.0.10-alpha - 2007-1?-??
     - Drop support for OpenSSL version 0.9.6.  Just about nobody was using
       it, it had no AES, and it hasn't seen any security patches since 2004.
 
+  o Minor features:
+    - Clients new hold circuitless TLS connections open for 1.5 times
+      MaxCircuitDirtiness, since it is likely that they'll need to build
+      a circuit over them within that timeframe.  Previously, they held them
+      open only for KeepalivePeriod.
+
   o Minor bugfixes:
     - Refuse to start if both ORPort and UseBridges are set. Bugfix
       on 0.2.0.x.
diff --git a/doc/TODO b/doc/TODO
index f089e5823..0e591e836 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -23,9 +23,10 @@ Things we'd like to do in 0.2.0.x:
     - Support for preconfigured mirror lists
       - Use a pre-shipped fallback consensus.
     - Download consensuses (et al) via if-modified-since
-    - Saner TLS rotation
-      - Bump up the "connection timeout" value to be 1.5
+    o Saner TLS rotation
+      o Bump up OR the "connection timeout" value to be 1.5
 	circuit dirtiness interval.
+      o Document this in tor-spec
     - base Guard flag on WFU rather than or in addition to MTBF
     D 118 if feasible and obvious
     D Maintain a skew estimate and use ftime consistently.
@@ -103,8 +104,8 @@ Things we'd like to do in 0.2.0.x:
         - Handle rate-limiting on directory writes to linked directory
           connections in a more sensible manner.
         - Find more ways to test this.
-    - Have clients do TLS connection rotation less often than "every 10
-      minutes" in the thrashy case, and more often than "once a week" in the
+    o Do TLS rotation less often than "every 10 minutes" in the thrashy case.
+    D Do TLS connection rotation more often than "once a week" in the
       extra-stable case.
     - Streamline how we pick entry nodes: Make choose_random_entry() have
       less magic and less control logic.
diff --git a/doc/spec/tor-spec.txt b/doc/spec/tor-spec.txt
index de614207f..b31e7bf62 100644
--- a/doc/spec/tor-spec.txt
+++ b/doc/spec/tor-spec.txt
@@ -194,9 +194,12 @@ see tor-design.pdf.
    of TLS records MUST NOT leak information about the type or contents
    of the cells.
 
-   TLS connections are not permanent. Either side may close a connection
+   TLS connections are not permanent. Either side MAY close a connection
    if there are no circuits running over it and an amount of time
-   (KeepalivePeriod, defaults to 5 minutes) has passed.
+   (KeepalivePeriod, defaults to 5 minutes) has passed since the last time
+   any traffic was transmitted over the TLS connection.  Clients SHOULD
+   also hold a TLS connection with no circuits open, if it is likely that a
+   circuit will be built soon using that connection.
 
    (As an exception, directory servers may try to stay connected to all of
    the ORs -- though this will be phased out for the Tor 0.1.2.x release.)
diff --git a/src/or/main.c b/src/or/main.c
index 3c0b4ae43..08b5e805e 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -764,19 +764,23 @@ run_connection_housekeeping(int i, time_t now)
      the connection or send a keepalive, depending. */
   if (now >= conn->timestamp_lastwritten + options->KeepalivePeriod) {
     routerinfo_t *router = router_get_by_digest(or_conn->identity_digest);
+    int maxCircuitlessPeriod = options->MaxCircuitDirtiness*3/2;
     if (!connection_state_is_open(conn)) {
+      /* We never managed to actually get this connection open and happy. */
       log_info(LD_OR,"Expiring non-open OR connection to fd %d (%s:%d).",
                conn->s,conn->address, conn->port);
       connection_mark_for_close(conn);
       conn->hold_open_until_flushed = 1;
     } else if (we_are_hibernating() && !or_conn->n_circuits &&
                !buf_datalen(conn->outbuf)) {
+      /* We're hibernating, there's no circuits, and nothing to flush.*/
       log_info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "
                "[Hibernating or exiting].",
                conn->s,conn->address, conn->port);
       connection_mark_for_close(conn);
       conn->hold_open_until_flushed = 1;
     } else if (!clique_mode(options) && !or_conn->n_circuits &&
+               now >= conn->timestamp_lastwritten + maxCircuitlessPeriod &&
                (!router || !server_mode(options) ||
                 !router_is_clique_mode(router))) {
       log_info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "