Opened 13 years ago

Last modified 8 years ago

#394 closed enhancement (Implemented)

Only honour SIGNEWNYM every 5 seconds

Reported by: mwenge Owned by:
Priority: Low Milestone:
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: mwenge Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Probably a braindead way of doing it, but it's also the simplest that I can think of.

Index: src/or/main.c
--- src/or/main.c (revision 9613)
+++ src/or/main.c (working copy)
@@ -54,6 +54,8 @@

static time_t time_to_fetch_running_routers = 0;
/ When do we next launch DNS wildcarding checks? */
static time_t time_to_check_for_correct_dns = 0;

+/ When do we next allow a SIGNEWNYM? */
+static time_t time_to_allow_next_signewnym = 0;

/ Array of all open connections. The first n_conns elements are valid. */
static connection_t *connection_array[MAXCONNECTIONS+1] =

@@ -1328,6 +1330,7 @@

uintptr_t sig = (uintptr_t)arg;

+ time_t now = time(NULL);

switch (sig)


@@ -1371,8 +1374,12 @@




  • circuit_expire_all_dirty_circs();
  • addressmap_clear_transient();

+ if (time_to_allow_next_signewnym < now) {
+ circuit_expire_all_dirty_circs();
+ addressmap_clear_transient();
+#define NEXT_SIGNEWNYM (5)
+ time_to_allow_next_signewnym = now + NEXT_SIGNEWNYM;
+ }




[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (6)

comment:1 Changed 13 years ago by nickm

plausible; a couple of points:

1) probably you don't want to suppress the newnym entirely; just cause it to get processed later than it would have
been processed otherwise.

2) what's the motivation for this patch? Are there significant numbers of users or rogue controllers hitting the
"newnym" button every second?

comment:2 Changed 13 years ago by mwenge

I was browsing through the TODO and saw this:

  • Don't let 'newnym' be triggered more often than every n seconds.

It's a feature tork could probably use - it's a bit boneheaded and calls signewnym for every new stream (if the user selects 'paranoid' mode). But that's tork's problem, so doesn't justify a patch for tor in it's own right.

comment:3 Changed 13 years ago by nickm

gods, really? Tork should really stop doing that; it creates a lot of crypto load for the network.

IAC, this patch should go in.

comment:4 Changed 13 years ago by nickm

Implemented in r9614 and r9615. Thanks!

comment:5 Changed 13 years ago by nickm

flyspray2trac: bug closed.

comment:6 Changed 8 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.