[tor-bugs] #17592 [Tor]: Clean up connection timeout logic

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Nov 15 01:22:22 UTC 2015


#17592: Clean up connection timeout logic
-----------------------+------------------------------------
 Reporter:  mikeperry  |          Owner:  mikeperry
     Type:  defect     |         Status:  new
 Priority:  Medium     |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor        |        Version:
 Severity:  Normal     |     Resolution:
 Keywords:             |  Actual Points:
Parent ID:  #16861     |         Points:
  Sponsor:             |
-----------------------+------------------------------------

Comment (by mikeperry):

 Ok, I think I want to combine CircuitIdleTimeout and
 PredictedPortsRelevanceTime into a single option (call it
 CircuitsAvailableTimeout?) and also randomize the value by some range when
 it is used.

 Where CircuitIdleTimeout is currently used, I would sample a random
 timeout value on circuit creation and store it in origin_circuit_t. Where
 PredictedPortsRelevantTime is used, I think the right thing to do is to
 sample a new value whenever the list of predicted ports is empty.

 For the TLS connection timeout, I want to explicitly separate canonical
 relay connections from client connections and non-canonical relay
 connections, and make the relay connection timeout be on the order of an
 hour (randomized +/- 25%) and be controlled by a consensus parameter. The
 client TLS connection timeout can be much shorter, since client TLS
 lifespan will be governed primarily by circuit activity (which will be
 controlled via CircuitsAvailableTimeout).

 With these two sets of changes, it will be much easier to control how long
 TLS connections live (and thus more easily control network activity and
 padding), for both relays and clients.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17592#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list