[tor-commits] [tor/master] config: Remove CloseHSClientCircuitsImmediatelyOnTimeout option

nickm at torproject.org nickm at torproject.org
Tue May 9 14:42:12 UTC 2017


commit 87e9dc48d135b0c1b6ebaeefac5cf966d6fdaca1
Author: David Goulet <dgoulet at torproject.org>
Date:   Tue Apr 25 14:03:52 2017 -0400

    config: Remove CloseHSClientCircuitsImmediatelyOnTimeout option
    
    Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
    up the code associated with it.
    
    Partially fixes #22060
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 changes/bug22060    |  3 +++
 doc/tor.1.txt       | 10 ----------
 src/or/circuituse.c | 13 +++++--------
 src/or/config.c     |  4 +---
 src/or/or.h         |  5 -----
 5 files changed, 9 insertions(+), 26 deletions(-)

diff --git a/changes/bug22060 b/changes/bug22060
index 7447b6f..722547c 100644
--- a/changes/bug22060
+++ b/changes/bug22060
@@ -9,3 +9,6 @@
       rendered obsolete. Code has been removed and feature no longer exists.
     - FastFirstHopPK was deprecated in 0.2.9.2-alpha and now has been rendered
       obsolete. Code has been removed and feature no longer exists.
+    - CloseHSClientCircuitsImmediatelyOnTimeout was deprecated in
+      0.2.9.2-alpha and now has been rendered obsolete. Code has been removed
+      and feature no longer exists.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index a9a2d4a..a5865b5 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -963,16 +963,6 @@ The following options are useful only for clients (that is, if
     services can be configured to require authorization using the
     **HiddenServiceAuthorizeClient** option.
 
-[[CloseHSClientCircuitsImmediatelyOnTimeout]] **CloseHSClientCircuitsImmediatelyOnTimeout** **0**|**1**::
-    If 1, Tor will close unfinished hidden service client circuits
-    which have not moved closer to connecting to their destination
-    hidden service when their internal state has not changed for the
-    duration of the current circuit-build timeout.  Otherwise, such
-    circuits will be left open, in the hope that they will finish
-    connecting to their destination hidden services.  In either case,
-    another set of introduction and rendezvous circuits for the same
-    destination hidden service will be launched. (Default: 0)
-
 [[CloseHSServiceRendCircuitsImmediatelyOnTimeout]] **CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**::
     If 1, Tor will close unfinished hidden-service-side rendezvous
     circuits after the current circuit-build timeout.  Otherwise, such
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 8d233e0..0ad3a72 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -705,18 +705,15 @@ circuit_expire_building(void)
       }
     }
 
-    /* If this is a hidden service client circuit which is far enough
-     * along in connecting to its destination, and we haven't already
-     * flagged it as 'timed out', and the user has not told us to
-     * close such circs immediately on timeout, flag it as 'timed out'
-     * so we'll launch another intro or rend circ, but don't mark it
-     * for close yet.
+    /* If this is a hidden service client circuit which is far enough along in
+     * connecting to its destination, and we haven't already flagged it as
+     * 'timed out', flag it so we'll launch another intro or rend circ, but
+     * don't mark it for close yet.
      *
      * (Circs flagged as 'timed out' are given a much longer timeout
      * period above, so we won't close them in the next call to
      * circuit_expire_building.) */
-    if (!(options->CloseHSClientCircuitsImmediatelyOnTimeout) &&
-        !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out)) {
+    if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out)) {
       switch (victim->purpose) {
       case CIRCUIT_PURPOSE_C_REND_READY:
         /* We only want to spare a rend circ if it has been specified in
diff --git a/src/or/config.c b/src/or/config.c
index bf658ce..3723a0f 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -360,7 +360,7 @@ static config_var_t option_vars_[] = {
   VAR("HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL),
   VAR("HiddenServiceStatistics", BOOL, HiddenServiceStatistics_option, "1"),
   V(HidServAuth,                 LINELIST, NULL),
-  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
+  OBSOLETE("CloseHSClientCircuitsImmediatelyOnTimeout"),
   V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
   V(HiddenServiceSingleHopMode,  BOOL,     "0"),
   V(HiddenServiceNonAnonymousMode,BOOL,    "0"),
@@ -664,8 +664,6 @@ static const config_deprecation_t option_deprecation_notes_[] = {
     "a wide variety of application-level attacks." },
   { "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
     "easier to fingerprint, and may open you to esoteric attacks." },
-  { "CloseHSClientCircuitsImmediatelyOnTimeout", "This option makes your "
-    "client easier to fingerprint." },
   { "CloseHSServiceRendCircuitsImmediatelyOnTimeout", "This option makes "
     "your hidden services easier to fingerprint." },
   { "WarnUnsafeSocks", "Changing this option makes it easier for you "
diff --git a/src/or/or.h b/src/or/or.h
index e30d3da..b186673 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3769,11 +3769,6 @@ typedef struct {
   /** A routerset that should be used when picking RPs for HS circuits. */
   routerset_t *Tor2webRendezvousPoints;
 
-  /** Close hidden service client circuits immediately when they reach
-   * the normal circuit-build timeout, even if they have already sent
-   * an INTRODUCE1 cell on its way to the service. */
-  int CloseHSClientCircuitsImmediatelyOnTimeout;
-
   /** Close hidden-service-side rendezvous circuits immediately when
    * they reach the normal circuit-build timeout. */
   int CloseHSServiceRendCircuitsImmediatelyOnTimeout;





More information about the tor-commits mailing list