Don't lose a patch that mwenge wrote to put different destination
ports on different streams. One day I will make this into a real
proposal, and argue we should put it in.


svn:r17380
Roger Dingledine 2008-11-24 02:08:46 +00:00
parent a53ebd20f0
commit cfd21c58b5


@ -0,0 +1,61 @@
Filename: xxx-separate-streams-by-port.txt
Title: Separate streams across circuits by destination port
Version: $Revision$
Last-Modified: $Date$
Author: Robert Hogan
Created: 21-Oct-2008
Status: Draft
Here's a patch Robert Hogan wrote to use only one destination port per
circuit. It's based on a wishlist item Roger wrote, to never send AIM
usernames over the same circuit that we're hoping to browse anonymously
through. The remaining open question is: how many extra circuits does this
cause an ordinary user to create? My guess is not very many, but I'm wary
of putting this in until we have some better estimate. On the other hand,
not putting it in means that we have a known security flaw. Hm.
Index: src/or/or.h
===================================================================
--- src/or/or.h (revision 17143)
+++ src/or/or.h (working copy)
@@ -1874,6 +1874,7 @@
uint8_t state; /**< Current status of this circuit. */
uint8_t purpose; /**< Why are we creating this circuit? */
+ uint16_t service; /**< Port conn must have to use this circuit. */
/** How many relay data cells can we package (read from edge streams)
* on this circuit before we receive a circuit-level sendme cell asking
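Review bot: the doc comment on the new `service` field in or.h does not say that 0 means "no port assigned yet", although both circuituse.c hunks rely on that sentinel (`circ->service && ...`). Document the 0 case in the comment, and consider a name such as `dest_port`, since the field holds a port number and the patch only ever sets it on CIRCUIT_PURPOSE_C_GENERAL circuits.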
Index: src/or/circuituse.c
===================================================================
--- src/or/circuituse.c (revision 17143)
+++ src/or/circuituse.c (working copy)
@@ -62,10 +62,16 @@
return 0;
}
- if (purpose == CIRCUIT_PURPOSE_C_GENERAL)
+ if (purpose == CIRCUIT_PURPOSE_C_GENERAL) {
if (circ->timestamp_dirty &&
circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now)
return 0;
+ /* If the circuit is dirty and used for services on another port,
+ then it is not suitable. */
+ if (circ->service && conn->socks_request->port &&
+ (circ->service != conn->socks_request->port))
+ return 0;
+ }
/* decide if this circ is suitable for this conn */
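Review bot: the new comment in the CIRCUIT_PURPOSE_C_GENERAL branch says "dirty and used for services on another port", but the condition never looks at `circ->timestamp_dirty`; it only compares `circ->service` with `conn->socks_request->port`. Either reword the comment to match the test or add the dirtiness check. A request whose port is 0 also skips the comparison and is accepted on a circuit tagged for any port; if that is intended, say so in the comment.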
@@ -1351,7 +1357,9 @@
if (connection_ap_handshake_send_resolve(conn) < 0)
return -1;
}
-
+ if (conn->socks_request->port
+ && (TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_C_GENERAL))
+ TO_CIRCUIT(circ)->service = conn->socks_request->port;
return 1;
}
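Review bot: the assignment added before `return 1;` writes `service` on every attach, so it depends entirely on the earlier suitability check to keep an already tagged circuit from being relabeled with a different port. Guarding it with `!TO_CIRCUIT(circ)->service` would make the one-port-per-circuit property hold at the point where the tag is written. The hunk also drops the blank line before `return 1;` and leaves a two-line `if` condition with an unbraced body; braces would be safer here.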