Re: [tor-bugs] #3375 [Tor Client]: NEWNYM does not abandon open rendezvous circuits

["Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>]

#3375: NEWNYM does not abandon open rendezvous circuits
------------------------+---------------------------------------------------
 Reporter:  rransom     |          Owner:  rransom           
     Type:  defect      |         Status:  needs_review      
 Priority:  critical    |      Milestone:  Tor: 0.2.1.x-final
Component:  Tor Client  |        Version:                    
 Keywords:              |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------

Comment(by nickm):

 Replying to [comment:3 rransom]:
 > Replying to [comment:2 nickm]:
 > > Looks like a plausible idea to me.
 > >
 > > Do we want to be using the same MaxCircuitDirtiness for rendezvous
 circuits?  It seems that this change would make us not only abandon
 circuits on newnym, but reintroduce to any hidden service that we want to
 stay connected to every MaxCircuitDirtiness seconds (current default 10
 min, I think).
 >
 > A rendezvous circuit's `timestamp_dirty` is reset every time a stream is
 attached to it,

 Ow.  This gives timestamp_dirty a different meaning for rendezvous
 circuits than for general circuits, where (unless I'm mistaken) only the
 first stream getting attached causes the circuit timestamp_dirty to get
 set.


 > so this change would only cause clients to reintroduce to a hidden
 service if they had a long-lived stream open and had not opened a new
 stream to the HS in the last 10 minutes.  (If they don't have a long-lived
 stream open, Tor will currently close the circuit 10 minutes after the
 last time a stream was attached to it)  I don't see a problem with using a
 new circuit in that case, and it may be beneficial (e.g. for reliability
 reasons).

 I think that's _probably_ ok too, but it's definitely a behavior change,
 and as such I'm not too thrilled about having it in 0.2.1.x.

 Roger, what do you think about this?


 > > Is changing circuit_is_acceptable sufficient?  That is, will the
 having this circuit present but non-usable cause new introduction attempts
 to be made correctly, or will new attempts to connect to the hidden
 service fail while it's around?
 >
 > When I tested this patch, a new attempt to connect to a hidden service
 after NEWNYM succeeded (in refetching the descriptor, reintroducing to the
 HS, and building and using a second rendezvous circuit).

 Great.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3375#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs