Don't set begindir_cutoff so low
In #3443 (moved) we have problems where clients compute a low cbt, then end up giving up on a circuit while it's doing TLS handshakes, marking the relay down. This situation is especially bad when clients use bridges, since they give up on their bridges and then just sit there unwilling to connect to anything.
It is too late to do complex changes for 0.2.3. I wonder if it's not too late for some simple fixes though.
In particular, I'm thinking to let one-hop circuits use the full timeout, not half of it -- since the "half" heuristic makes even less sense when much of the circuit-building time is spent in the tls handshake.
- SET_CUTOFF(begindir_cutoff, circ_times.timeout_ms / 2.0);
+ SET_CUTOFF(begindir_cutoff, circ_times.timeout_ms);
In #3443 (moved), Mike suggested that we just disable cbt for begindir requests. That sounds fine in theory too, but I think that's more something I'd want to test in 0.2.4 for a bit.