Abandon rendezvous circuits on SIGNAL NEWNYM

2024-11-24 12:23:32 +01:00 · 2011-06-09 19:56:40 -07:00 · 2011-06-09 19:56:40 -07:00 · 010b8dd4f6
commit 010b8dd4f6
parent bf4b819aae
2 changed files with 10 additions and 1 deletions
--- a/changes/abandon-rend-circs-on-newnym
+++ b/changes/abandon-rend-circs-on-newnym
@ -0,0 +1,8 @@
+  o Security fixes:
+    - Don't attach new streams to old rendezvous circuits after SIGNAL
+      NEWNYM.  Previously, we would keep using an existing rendezvous
+      circuit if it remained open (i.e. if it were kept open by a
+      long-lived stream or if a new stream were attached to it before
+      Tor could notice that it was old and no longer in use and close
+      it).  Bugfix on 0.1.1.15-rc; fixes bug 3375.
+
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@ -59,7 +59,8 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn,
      return 0;
  }

-  if (purpose == CIRCUIT_PURPOSE_C_GENERAL)
+  if (purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+      purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
    if (circ->timestamp_dirty &&
       circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now)
      return 0;