Browse Source

Bug 19206: Clear out the domain isolator state on `New Identity`.

Additionally clear out the domain isolator state on `New Identity`.  In
theory this removes the need to explicitly issue a `NEWNYM` as new
circuits will be used for all subsequent requests, including those made
via the catch-all circuit.
Yawning Angel 4 years ago
parent
commit
6990d1e098
2 changed files with 23 additions and 0 deletions
  1. 7 0
      src/chrome/content/torbutton.js
  2. 16 0
      src/components/domain-isolator.js

+ 7 - 0
src/chrome/content/torbutton.js

@@ -1872,6 +1872,13 @@ function torbutton_do_new_identity() {
            getService(Ci.nsIPermissionManager);
   pm.removeAll();
 
+  // Clear the domain isolation state.
+  torbutton_log(3, "New Identity: Clearing domain isolator");
+
+  let domainIsolator = Cc["@torproject.org/domain-isolator;1"]
+      .getService(Ci.nsISupports).wrappedJSObject;
+  domainIsolator.clearIsolation();
+
   torbutton_log(3, "New Identity: Sending NEWNYM");
 
   // We only support TBB for newnym.

+ 16 - 0
src/components/domain-isolator.js

@@ -110,6 +110,18 @@ tor.newCircuitForDomain = function(domain) {
   logger.eclog(3, "New domain isolation for " + domain + ": " + tor.noncesForDomains[domain]);
 }
 
+// __tor.clearIsolation()_.
+// Clear the isolation state cache, forcing new circuits to be used for all
+// subsequent requests.
+tor.clearIsolation = function () {
+  // Per-domain nonces are stored in a map, so simply re-initialize the map.
+  tor.noncesForDomains = {};
+
+  // Force a rotation on the next catch-all circuit use by setting the creation
+  // time to the epoch.
+  tor.unknownDirtySince = 0;
+}
+
 // __tor.isolateCircuitsByDomain()__.
 // For every HTTPChannel, replaces the default SOCKS proxy with one that authenticates
 // to the SOCKS server (the tor client process) with a username (the first party domain)
@@ -190,6 +202,10 @@ DomainIsolator.prototype = {
     tor.isolationEnabled = false;
   },
 
+  clearIsolation: function() {
+    tor.clearIsolation();
+  },
+
   wrappedJSObject: null
 };