diff options
| author | Roger Dingledine <arma@torproject.org> | 2008-11-24 02:08:46 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2008-11-24 02:08:46 +0000 |
| commit | cfd21c58b538c7f967b41b87619b8147d17bf17d (patch) | |
| tree | 040c9bd8d3b9d18899f08beacd81b8e471564361 /doc/spec/proposals | |
| parent | a53ebd20f07abe108f7be6da33502036678885ad (diff) | |
| download | tor-cfd21c58b538c7f967b41b87619b8147d17bf17d.tar tor-cfd21c58b538c7f967b41b87619b8147d17bf17d.tar.gz | |
don't lose a patch that mwenge wrote to put different destination
ports on different streams. one day i will make this into a real
proposal, and argue we should put it in.
svn:r17380
Diffstat (limited to 'doc/spec/proposals')
| -rw-r--r-- | doc/spec/proposals/ideas/xxx-separate-streams-by-port.txt | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/doc/spec/proposals/ideas/xxx-separate-streams-by-port.txt b/doc/spec/proposals/ideas/xxx-separate-streams-by-port.txt new file mode 100644 index 000000000..cebde65a9 --- /dev/null +++ b/doc/spec/proposals/ideas/xxx-separate-streams-by-port.txt @@ -0,0 +1,61 @@ +Filename: xxx-separate-streams-by-port.txt +Title: Separate streams across circuits by destination port +Version: $Revision$ +Last-Modified: $Date$ +Author: Robert Hogan +Created: 21-Oct-2008 +Status: Draft + +Here's a patch Robert Hogan wrote to use only one destination port per +circuit. It's based on a wishlist item Roger wrote, to never send AIM +usernames over the same circuit that we're hoping to browse anonymously +through. The remaining open question is: how many extra circuits does this +cause an ordinary user to create? My guess is not very many, but I'm wary +of putting this in until we have some better estimate. On the other hand, +not putting it in means that we have a known security flaw. Hm. + +Index: src/or/or.h +=================================================================== +--- src/or/or.h (revision 17143) ++++ src/or/or.h (working copy) +@@ -1874,6 +1874,7 @@ + + uint8_t state; /**< Current status of this circuit. */ + uint8_t purpose; /**< Why are we creating this circuit? */ ++ uint16_t service; /**< Port conn must have to use this circuit. */ + + /** How many relay data cells can we package (read from edge streams) + * on this circuit before we receive a circuit-level sendme cell asking +Index: src/or/circuituse.c +=================================================================== +--- src/or/circuituse.c (revision 17143) ++++ src/or/circuituse.c (working copy) +@@ -62,10 +62,16 @@ + return 0; + } + +- if (purpose == CIRCUIT_PURPOSE_C_GENERAL) ++ if (purpose == CIRCUIT_PURPOSE_C_GENERAL) { + if (circ->timestamp_dirty && + circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now) + return 0; ++ /* If the circuit is dirty and used for services on another port, ++ then it is not suitable. */ ++ if (circ->service && conn->socks_request->port && ++ (circ->service != conn->socks_request->port)) ++ return 0; ++ } + + /* decide if this circ is suitable for this conn */ + +@@ -1351,7 +1357,9 @@ + if (connection_ap_handshake_send_resolve(conn) < 0) + return -1; + } +- ++ if (conn->socks_request->port ++ && (TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_C_GENERAL)) ++ TO_CIRCUIT(circ)->service = conn->socks_request->port; + return 1; + } + |