commit 351ecc463ff860e617e690ec709e80ec76f0be53 Author: Mike Perry mikeperry-git@torproject.org Date: Fri Mar 27 13:01:45 2015 -0700
Bug 15482: Restrict circuit lifetime extension to SOCKS-auth streams.
That way people's non-TBB activity won't be affected. --- gitian/patches/bug15482.patch | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-)
diff --git a/gitian/patches/bug15482.patch b/gitian/patches/bug15482.patch index 5250fe4..df8a156 100644 --- a/gitian/patches/bug15482.patch +++ b/gitian/patches/bug15482.patch @@ -1,29 +1,37 @@ -From a9c7e6dc3508e78f4b296e38603dd34174e2a14c Mon Sep 17 00:00:00 2001 +From 748414784f71126b093aa7466908e00f71a7b046 Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 26 Mar 2015 22:38:45 -0700 -Subject: [PATCH] Bug 15482: Don't abandon circuits that are still being used - by TBB. +Date: Fri, 27 Mar 2015 12:57:37 -0700 +Subject: [PATCH] Bug 15482: Don't abandon circuits that are still in use for + browsing.
-Reset timestamp_dirty every time we get a new stream request so that circuits -are not abandoned while still in use. +Only applies to connections with SOCKS auth set, so that non-web Tor +activity is not affected. + +Simpler version of Nick's patch because the randomness worried me, and I'm not +otherwise sure why we want a max here. --- - src/or/circuituse.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) + src/or/circuituse.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/or/circuituse.c b/src/or/circuituse.c -index d0d31ad..fff46cd 100644 +index d0d31ad..6cce4bf 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c -@@ -2264,8 +2264,10 @@ connection_ap_handshake_attach_chosen_circuit(entry_connection_t *conn, +@@ -2264,8 +2264,15 @@ connection_ap_handshake_attach_chosen_circuit(entry_connection_t *conn,
base_conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
- if (!circ->base_.timestamp_dirty) - circ->base_.timestamp_dirty = time(NULL); -+ /* For Tor Browser, we want to avoid surprising the user by giving up on -+ * circuits while they are still being used, so we always reset the -+ * dirtiness timestamp. */ -+ circ->base_.timestamp_dirty = time(NULL); ++ if (!circ->base_.timestamp_dirty) { ++ circ->base_.timestamp_dirty = approx_time(); ++ } else if ((conn->entry_cfg.isolation_flags & ISO_SOCKSAUTH) && ++ (conn->socks_request->usernamelen || ++ conn->socks_request->passwordlen)) { ++ /* When stream isolation is in use and controlled by an application ++ * we are willing to keep using the stream. */ ++ circ->base_.timestamp_dirty = approx_time(); ++ }
pathbias_count_use_attempt(circ);