On 17 Dec. 2016, at 06:19, Ivan Markin twim@riseup.net wrote:
o TLS connection is not going to terminate if no circuits left on it*
[*] I may be wrong about it. It holds true from my experience.
It takes about a week for a TLS connection to close if there is traffic on it, or a few minutes if there is no traffic:
Relays close circuits with no streams and no traffic on then after a minute in circuit_expire_old_circuits_serverside.
Old TLS connections in tor are marked not to be used for new circuits after 7 days in connection_or_group_set_badness_.
Most client circuits last a maximum of 10 minutes (longer if they are being used, or for hidden service introduction point circuits, which last up to 24 hours) in circuit_expire_old_circs_as_needed.
(As an aside, TLS certificates are rotated every 2 hours in rotate_x509_certificate_callback.)
T