Merge remote-tracking branch 'origin/maint-0.2.2'

changes/abandon-rend-circs-on-newnym

@@ -0,0 +1,8 @@
+  o Security fixes:
+    - Don't attach new streams to old rendezvous circuits after SIGNAL
+      NEWNYM.  Previously, we would keep using an existing rendezvous
+      circuit if it remained open (i.e. if it were kept open by a
+      long-lived stream or if a new stream were attached to it before
+      Tor could notice that it was old and no longer in use and close
+      it).  Bugfix on 0.1.1.15-rc; fixes bug 3375.
+

src/or/circuituse.c

@@ -74,7 +74,8 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn,
       return 0;
   }
 
-  if (purpose == CIRCUIT_PURPOSE_C_GENERAL)
+  if (purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+      purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
     if (circ->timestamp_dirty &&
        circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now)
       return 0;