Opened 16 months ago
Last modified 10 months ago
#23980 assigned enhancement
Provide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes.
| Reported by: | mikeperry | Owned by: | mikeperry |
|---|---|---|---|
| Priority: | Medium | Milestone: | Tor: unspecified |
| Component: | Core Tor/Tor | Version: | |
| Severity: | Normal | Keywords: | guard-discovery-stats, 034-triage-20180328, 034-removed-20180328 |
| Cc: | Actual Points: | ||
| Parent ID: | Points: | ||
| Reviewer: | Sponsor: | SponsorV-can |
Description
HTTP hidden services and other short-lived protocols do not need to keep their circuits open very long. Somewhere between 10min and 1 hour ought to be plenty. Since long-lived circuits are a vector for guard discovery (see #22728), we should provide a torrc option to set a max hidden service circuit lifetime.
Note that making this timeout too low effectively enables new forms of #20212, so we should err towards an hour for the timeout here until that fix is landed.
Child Tickets
Change History (7)
comment:1 Changed 16 months ago by
| Keywords: | guard-discovery-stats added; guard-discovery removed |
|---|
comment:2 Changed 15 months ago by
| Owner: | set to mikeperry |
|---|---|
| Status: | new → assigned |
comment:3 Changed 13 months ago by
| Summary: | Provide torrc option to kill hidden service circuits after $TIMEOUT → Provide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes. |
|---|
Other useful optional kill conditions include:
- After a certain number of bytes (like a multiplier of a website's expected page size) have been sent on the circuit. Read and write should be separate params, since many services have much more data going in one direction than the other.
- After the vanguard/pinned middle stops being used.
comment:4 Changed 13 months ago by
| Milestone: | Tor: 0.3.3.x-final → Tor: 0.3.4.x-final |
|---|
comment:5 Changed 11 months ago by
| Keywords: | 034-triage-20180328 added |
|---|
comment:6 Changed 11 months ago by
| Keywords: | 034-removed-20180328 added |
|---|
Per our triage process, these tickets are pending removal from 0.3.4.
comment:7 Changed 10 months ago by
| Milestone: | Tor: 0.3.4.x-final → Tor: unspecified |
|---|
These tickets, tagged with 034-removed-*, are no longer in-scope for 0.3.4. We can reconsider any of them, if time permits.
I can take this one, probably in December.