Opened 4 days ago

Last modified 4 days ago

#26369 new defect

Re-fetch onion service descriptor for isolated request

Reported by: sysrqb Owned by:
Priority: Medium Milestone:
Component: Core Tor Version:
Severity: Normal Keywords:
Cc: gk Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When tor receives a new request for connecting to an onion service and this request has different isolation flags/parameters than a previous (recent) request, then tor should re-fetch the service descriptor (if we already have it). Currently, tor notices it already has the descriptor in its cache and it doesn't refetch. This is a nice performance optimization, but if a client is requesting an isolated circuit for an onion service, then we shouldn't leak that we already have the descriptor in our cache.

Instead of only using the onion service name as the map-key, we can add a unique value of the circuit isolation information (hash?).

Child Tickets

Change History (1)

comment:1 Changed 4 days ago by gk

Cc: gk added
Note: See TracTickets for help on using tickets.