torsvc: add support for stream isolation
In this commit, we extend the TorDial function and add a new attribute to the TorProxyNet struct so that the caller can choose whether to use stream isolation. With stream isolation, we ensure that each new connection uses a distinct circuit.
parent
9f52372cd2
commit
2eb9059cf7
@ -39,6 +39,12 @@ type TorProxyNet struct {
|
|||||||
// This is used for an outbound-only mode, so the node will not listen for
|
// This is used for an outbound-only mode, so the node will not listen for
|
||||||
// incoming connections
|
// incoming connections
|
||||||
TorSocks string
|
TorSocks string
|
||||||
|
|
||||||
|
// StreamIsolation is a bool that determines if we should force the
|
||||||
|
// creation of a new circuit for this connection. If true, then this
|
||||||
|
// means that our traffic may be harder to correlate as each connection
|
||||||
|
// will now use a distinct circuit.
|
||||||
|
StreamIsolation bool
|
||||||
}
|
}
|
||||||
|
|
||||||
// Dial on the Tor network uses the torsvc TorDial() function, and requires
|
// Dial on the Tor network uses the torsvc TorDial() function, and requires
|
||||||
@ -47,7 +53,7 @@ func (t *TorProxyNet) Dial(network, address string) (net.Conn, error) {
|
|||||||
if network != "tcp" {
|
if network != "tcp" {
|
||||||
return nil, fmt.Errorf("Cannot dial non-tcp network via Tor")
|
return nil, fmt.Errorf("Cannot dial non-tcp network via Tor")
|
||||||
}
|
}
|
||||||
return TorDial(address, t.TorSocks)
|
return TorDial(address, t.TorSocks, t.StreamIsolation)
|
||||||
}
|
}
|
||||||
|
|
||||||
// LookupHost on Tor network uses the torsvc TorLookupHost function.
|
// LookupHost on Tor network uses the torsvc TorLookupHost function.
|
||||||
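Review bot: The doc comment on `StreamIsolation` speaks of "this connection", but the field lives on `TorProxyNet` and `Dial` forwards it to every `TorDial` call, so it is a per-network setting whose zero value (`false`) leaves connections free to share circuits. I would say that in the comment, for example `// StreamIsolation, if true, requests a separate circuit for every connection dialed through this TorProxyNet; the zero value leaves circuit reuse to Tor.` Any code that builds a `TorProxyNet` without setting the field keeps the previous, non-isolated behaviour, which is worth calling out for callers that expect unlinkable connections. Only `Dial` is changed here; `LookupHost` appears as context but its body is outside the hunk, so whether lookups honour the flag cannot be judged from this page and should be documented either way.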
|
@ -44,9 +44,16 @@ var (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// TorDial returns a connection to a remote peer via Tor's socks proxy. Only
|
// TorDial returns a connection to a remote peer via Tor's socks proxy. Only
|
||||||
// TCP is supported over Tor.
|
// TCP is supported over Tor. The final argument determines if we should force
|
||||||
func TorDial(address, socksPort string) (net.Conn, error) {
|
// stream isolation for this new connection. If we do, then this means this new
|
||||||
p := &socks.Proxy{Addr: localhost + ":" + socksPort}
|
// connection will use a fresh circuit, rather than possibly re-using an
|
||||||
|
// existing circuit.
|
||||||
|
func TorDial(address, socksPort string, streamIsolation bool) (net.Conn, error) {
|
||||||
|
p := &socks.Proxy{
|
||||||
|
Addr: localhost + ":" + socksPort,
|
||||||
|
TorIsolation: streamIsolation,
|
||||||
|
}
|
||||||
|
|
||||||
return p.Dial("tcp", address)
|
return p.Dial("tcp", address)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
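Review bot: The new comment on `TorDial` promises a fresh circuit, but the visible code only sets `TorIsolation` on the `socks.Proxy`. As far as I know, that option works by sending distinct SOCKS credentials per connection, which Tor turns into separate circuits only while `IsolateSOCKSAuth` is in effect on the SocksPort (the default). The comment should state that dependency, e.g. `// Isolation relies on the Tor daemon's IsolateSOCKSAuth behaviour; with NoIsolateSOCKSAuth set, circuits may still be shared.` It would also read better if it named the parameter (`streamIsolation`) rather than "the final argument". `TorDial` is exported and its signature changes here, so any caller outside the two files shown needs the extra argument; only `TorProxyNet.Dial` is updated in this commit.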