[tor-commits] [tor/master] Reduce lifetime of DH public key replay-detection cache elements

nickm at torproject.org nickm at torproject.org
Wed Nov 30 01:55:00 UTC 2011


commit 60ed98e184c4db70ed1cbac02c891e9bd2d8141a
Author: Robert Ransom <rransom.8774 at gmail.com>
Date:   Sun Oct 30 04:41:16 2011 -0700

    Reduce lifetime of DH public key replay-detection cache elements
---
 .../reduce-hs-intro-dh-key-replay-cache-lifetime   |    9 +++++++++
 src/or/or.h                                        |    2 +-
 2 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/changes/reduce-hs-intro-dh-key-replay-cache-lifetime b/changes/reduce-hs-intro-dh-key-replay-cache-lifetime
new file mode 100644
index 0000000..5ae3785
--- /dev/null
+++ b/changes/reduce-hs-intro-dh-key-replay-cache-lifetime
@@ -0,0 +1,9 @@
+  o Minor features:
+
+    - Reduce the lifetime of elements of hidden services'
+      Diffie-Hellman public key replay-detection cache from 60 minutes
+      to 5 minutes.  This replay-detection cache is now used only to
+      detect multiple INTRODUCE2 cells specifying the same rendezvous
+      point, so we don't launch multiple simultaneous attempts to
+      connect to it.
+
diff --git a/src/or/or.h b/src/or/or.h
index 8455dc8..2e4811d 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -759,7 +759,7 @@ typedef struct rend_data_t {
 /** Time interval for tracking replays of DH public keys received in
  * INTRODUCE2 cells.  Used only to avoid launching multiple
  * simultaneous attempts to connect to the same rendezvous point. */
-#define REND_REPLAY_TIME_INTERVAL (60 * 60)
+#define REND_REPLAY_TIME_INTERVAL (5 * 60)
 
 /** Used to indicate which way a cell is going on a circuit. */
 typedef enum {
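Review bot: The doc comment on `REND_REPLAY_TIME_INTERVAL` still gives neither the unit nor the reason the shorter window is safe, and with the new value a DH public key replayed more than five minutes after it was first seen is no longer caught by this cache. The comment says the cache is used only to avoid duplicate rendezvous attempts, which implies that replayed INTRODUCE2 cells are rejected by something else; that is not visible in this hunk, so the comment should name it. I would extend the comment with something like `* In seconds.  Must be at least as long as a rendezvous connection attempt can remain in progress; replay rejection itself is done by <name the mechanism>, not by this cache.` The lower bound on the interval is my inference from the stated purpose and should be confirmed against how long such an attempt can actually stay pending.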




