[tor-commits] [tor/release-0.2.1] Abandon rendezvous circuits on SIGNAL NEWNYM

arma at torproject.org
Mon Oct 24 06:28:18 UTC 2011


commit 010b8dd4f6e8e3c3d2e44ff589ff61cbf64b952a
Author: Robert Ransom <rransom.8774 at gmail.com>
Date:   Thu Jun 9 19:56:40 2011 -0700

    Abandon rendezvous circuits on SIGNAL NEWNYM
---
 changes/abandon-rend-circs-on-newnym |    8 ++++++++
 src/or/circuituse.c                  |    3 ++-
 2 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/changes/abandon-rend-circs-on-newnym b/changes/abandon-rend-circs-on-newnym
new file mode 100644
index 0000000..67cb2dc
--- /dev/null
+++ b/changes/abandon-rend-circs-on-newnym
@@ -0,0 +1,8 @@
+  o Security fixes:
+    - Don't attach new streams to old rendezvous circuits after SIGNAL
+      NEWNYM.  Previously, we would keep using an existing rendezvous
+      circuit if it remained open (i.e. if it were kept open by a
+      long-lived stream or if a new stream were attached to it before
+      Tor could notice that it was old and no longer in use and close
+      it).  Bugfix on 0.1.1.15-rc; fixes bug 3375.
+
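
Review bot: The entry's first sentence only promises that new streams stay off old rendezvous circuits, yet the parenthetical lists "kept open by a long-lived stream" as one of the ways the old circuit stayed in use, and the subject line and file name say "abandon". If streams already attached when NEWNYM arrives keep running on the old circuit and only later streams get a fresh one, say so explicitly, so readers do not assume the long-lived stream is cut off. The parenthetical would also read more easily as two sentences.
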
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 41c1899..48fc198 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -59,7 +59,8 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn,
       return 0;
   }
 
-  if (purpose == CIRCUIT_PURPOSE_C_GENERAL)
+  if (purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+      purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
     if (circ->timestamp_dirty &&
        circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now)
       return 0;
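
Review bot: The widened test on `purpose == CIRCUIT_PURPOSE_C_REND_JOINED` is not specific to NEWNYM: as written it rejects any joined rendezvous circuit once `circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now`, whether or not a signal was sent. If that is intended, mention it in the changes entry, because a client with a long-running hidden-service session will now have later streams sent to a new rendezvous circuit after MaxCircuitDirtiness. If it is not intended, the test needs something that tells a NEWNYM-expired circuit apart from one that is simply old. Either way, a short comment above the `if` explaining why rendezvous circuits are included would help, and now that the outer condition spans two lines the nested `if` body should get braces.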




