[tor-dev] [tor-talk] Open streams on the fly

benjaminlincoln at lavabit.com benjaminlincoln at lavabit.com
Sat Jan 19 22:31:43 UTC 2013


>>> The implementation of proposal 171 and subsequent release of tor
>>> 0.2.3.25
>>> fills my heart with joy. Yet, as far as I can tell, there is one use
>>> case
>>> that is not adequately covered. I would like to open and close Streams
>>> (TransPort's, DNSPort's and SOCKSPort's) at run-time without
>>> interfering
>>> with other, existing Streams and Circuits.  SETCONF does not work here
>>> because it resets all existing streams.
>>
>> I think tor lacks an isolation flag which specifies to isolate each and
>> every stream, even those going to the same address and port.
>
> I see, tor already implements such a flag, ISO_STREAM.

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 773fccf..6da4147 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -888,6 +888,8 @@ The following options are useful only for clients
(that is, if
     **IsolateDestAddr**;;
         Don't share circuits with streams targetting a different
         destination address.
+    **IsolateDestAddr**;;
+        Don't share circuits with other streams at all.
     **SessionGroup=**__INT__;;
         If no other isolation rules would prevent it, allow streams
         on this port to share circuits with streams from every other
diff --git a/src/or/config.c b/src/or/config.c
index 90a5dfb..1dc3d55 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -5919,7 +5919,9 @@ parse_port_config(smartlist_t *out,
         if (!strcasecmpend(elt, "s"))
           elt[strlen(elt)-1] = '\0'; /* kill plurals. */

-        if (!strcasecmp(elt, "IsolateDestPort")) {
+	if (!strcasecmp(elt, "IsolateStream")) {
+          isoflag = ISO_STREAM;
+	} else if (!strcasecmp(elt, "IsolateDestPort")) {
           isoflag = ISO_DESTPORT;
         } else if (!strcasecmp(elt, "IsolateDestAddr")) {
           isoflag = ISO_DESTADDR;
diff --git a/src/or/or.h b/src/or/or.h
index 51c23d3..8a21c09 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2868,22 +2868,22 @@ typedef enum invalid_router_usage_t {

     @{
 */
+/** Isolate all streams. */
+#define ISO_STREAM      (1u<<0)
 /** Isolate based on destination port */
-#define ISO_DESTPORT    (1u<<0)
+#define ISO_DESTPORT    (1u<<1)
 /** Isolate based on destination address */
-#define ISO_DESTADDR    (1u<<1)
+#define ISO_DESTADDR    (1u<<2)
 /** Isolate based on SOCKS authentication */
-#define ISO_SOCKSAUTH   (1u<<2)
+#define ISO_SOCKSAUTH   (1u<<3)
 /** Isolate based on client protocol choice */
-#define ISO_CLIENTPROTO (1u<<3)
+#define ISO_CLIENTPROTO (1u<<4)
 /** Isolate based on client address */
-#define ISO_CLIENTADDR  (1u<<4)
+#define ISO_CLIENTADDR  (1u<<5)
 /** Isolate based on session group (always on). */
-#define ISO_SESSIONGRP  (1u<<5)
+#define ISO_SESSIONGRP  (1u<<6)
 /** Isolate based on newnym epoch (always on). */
-#define ISO_NYM_EPOCH   (1u<<6)
-/** Isolate all streams (Internal only). */
-#define ISO_STREAM      (1u<<7)
+#define ISO_NYM_EPOCH   (1u<<7)
 /**@}*/

 /** Default isolation level for ports. */






More information about the tor-dev mailing list