Opened 7 years ago

Last modified 19 months ago

#394 closed enhancement (Implemented)

Only honour SIGNEWNYM every 5 seconds

Reported by: mwenge Owned by:
Priority: minor Milestone:
Component: Tor Version: 0.1.0.18
Keywords: Cc: mwenge
Actual Points: Parent ID:
Points:

Description

Probably a braindead way of doing it, but it's also the simplest that I can think of.

Index: src/or/main.c
===================================================================
--- src/or/main.c (revision 9613)
+++ src/or/main.c (working copy)
@@ -54,6 +54,8 @@

static time_t time_to_fetch_running_routers = 0;
/ When do we next launch DNS wildcarding checks? */
static time_t time_to_check_for_correct_dns = 0;

+/ When do we next allow a SIGNEWNYM? */
+static time_t time_to_allow_next_signewnym = 0;

/ Array of all open connections. The first n_conns elements are valid. */
static connection_t *connection_array[MAXCONNECTIONS+1] =

@@ -1328,6 +1330,7 @@

uintptr_t sig = (uintptr_t)arg;
(void)fd;
(void)events;

+ time_t now = time(NULL);

switch (sig)

{
case SIGTERM:

@@ -1371,8 +1374,12 @@

break;

#endif

case SIGNEWNYM:

  • circuit_expire_all_dirty_circs();
  • addressmap_clear_transient();

+ if (time_to_allow_next_signewnym < now) {
+ circuit_expire_all_dirty_circs();
+ addressmap_clear_transient();
+#define NEXT_SIGNEWNYM (5)
+ time_to_allow_next_signewnym = now + NEXT_SIGNEWNYM;
+ }

break;

case SIGCLEARDNSCACHE:

addressmap_clear_transient();

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (6)

comment:1 Changed 7 years ago by nickm

plausible; a couple of points:

1) probably you don't want to suppress the newnym entirely; just cause it to get processed later than it would have
been processed otherwise.

2) what's the motivation for this patch? Are there significant numbers of users or rogue controllers hitting the
"newnym" button every second?

comment:2 Changed 7 years ago by mwenge

I was browsing through the TODO and saw this:

  • Don't let 'newnym' be triggered more often than every n seconds.

It's a feature tork could probably use - it's a bit boneheaded and calls signewnym for every new stream (if the user selects 'paranoid' mode). But that's tork's problem, so doesn't justify a patch for tor in it's own right.

comment:3 Changed 7 years ago by nickm

gods, really? Tork should really stop doing that; it creates a lot of crypto load for the network.

IAC, this patch should go in.

comment:4 Changed 7 years ago by nickm

Implemented in r9614 and r9615. Thanks!

comment:5 Changed 7 years ago by nickm

flyspray2trac: bug closed.

comment:6 Changed 19 months ago by nickm

  • Component changed from Tor Client to Tor
Note: See TracTickets for help on using tickets.