diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-06-17 15:24:23 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-06-17 15:24:23 -0400 |
| commit | 85d4c290d79264d334baa9e5c8fdf3b06d0b3d79 (patch) | |
| tree | 8a3b404b1b7d6c6ca665ea2876a448fa802b3b11 | |
| parent | 209229f100d20958d0826d4f6773d7f6b3a43ade (diff) | |
| parent | 010b8dd4f6e8e3c3d2e44ff589ff61cbf64b952a (diff) | |
| download | tor-85d4c290d79264d334baa9e5c8fdf3b06d0b3d79.tar.gz tor-85d4c290d79264d334baa9e5c8fdf3b06d0b3d79.zip | |
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
| -rw-r--r-- | changes/abandon-rend-circs-on-newnym | 8 | ||||
| -rw-r--r-- | src/or/circuituse.c | 3 |
2 files changed, 10 insertions, 1 deletions
diff --git a/changes/abandon-rend-circs-on-newnym b/changes/abandon-rend-circs-on-newnym new file mode 100644 index 0000000000..67cb2dce2f --- /dev/null +++ b/changes/abandon-rend-circs-on-newnym @@ -0,0 +1,8 @@ + o Security fixes: + - Don't attach new streams to old rendezvous circuits after SIGNAL + NEWNYM. Previously, we would keep using an existing rendezvous + circuit if it remained open (i.e. if it were kept open by a + long-lived stream or if a new stream were attached to it before + Tor could notice that it was old and no longer in use and close + it). Bugfix on 0.1.1.15-rc; fixes bug 3375. + diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 138fff6f78..0ad8b3b51b 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -73,7 +73,8 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn, return 0; } - if (purpose == CIRCUIT_PURPOSE_C_GENERAL) + if (purpose == CIRCUIT_PURPOSE_C_GENERAL || + purpose == CIRCUIT_PURPOSE_C_REND_JOINED) if (circ->timestamp_dirty && circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now) return 0; |