пре 12 година · 3fc3ed50a1
--- a/changes/bug4361
+++ b/changes/bug4361
@@ -0,0 +1,4 @@
 
				+  o Minor bugfixes:
			
 
				+    - Spec conformance: on a v3 handshake, do not send a NETINFO cell until
			
 
				+      after we have received a CERTS cell. Bugfix on 0.2.3.6-alpha;
			
 
				+      fixes bug 4361; patch by "frosty".
			
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -728,10 +728,9 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
 
				     const int send_certs = !started_here || public_server_mode(get_options());
			
 
				     /* If we're a relay that got a connection, ask for authentication. */
			
 
				     const int send_chall = !started_here && public_server_mode(get_options());
			
 
				-    /* If our certs cell will authenticate us, or if we have no intention of
			
 
				-     * authenticating, send a netinfo cell right now. */
			
 
				-    const int send_netinfo =
			
 
				-      !(started_here && public_server_mode(get_options()));
			
 
				+    /* If our certs cell will authenticate us, we can send a netinfo cell
			
 
				+     * right now. */
			
 
				+    const int send_netinfo = !started_here;
			
 
				     const int send_any =
			
 
				       send_versions || send_certs || send_chall || send_netinfo;
			
 
				     tor_assert(conn->link_proto >= 3);
			
@@ -958,6 +957,7 @@ command_process_certs_cell(var_cell_t *cell, or_connection_t *conn)
 
				 
			
 
				   uint8_t *ptr;
			
 
				   int n_certs, i;
			
 
				+  int send_netinfo = 0;
			
 
				 
			
 
				   if (conn->_base.state != OR_CONN_STATE_OR_HANDSHAKING_V3)
			
 
				     ERR("We're not doing a v3 handshake!");
			
@@ -1072,6 +1072,13 @@ command_process_certs_cell(var_cell_t *cell, or_connection_t *conn)
 
				 
			
 
				     conn->handshake_state->id_cert = id_cert;
			
 
				     id_cert = NULL;
			
 
				+
			
 
				+    if (!public_server_mode(get_options())) {
			
 
				+      /* If we initiated the connection and we are not a public server, we
			
 
				+       * aren't planning to authenticate at all.  At this point we know who we
			
 
				+       * are talking to, so we can just send a netinfo now. */
			
 
				+      send_netinfo = 1;
			
 
				+    }
			
 
				   } else {
			
 
				     if (! (id_cert && auth_cert))
			
 
				       ERR("The certs we wanted were missing");
			
@@ -1093,6 +1100,15 @@ command_process_certs_cell(var_cell_t *cell, or_connection_t *conn)
 
				   }
			
 
				 
			
 
				   conn->handshake_state->received_certs_cell = 1;
			
 
				+
			
 
				+  if (send_netinfo) {
			
 
				+    if (connection_or_send_netinfo(conn) < 0) {
			
 
				+      log_warn(LD_OR, "Couldn't send netinfo cell");
			
 
				+      connection_mark_for_close(TO_CONN(conn));
			
 
				+      goto err;
			
 
				+    }
			
 
				+  }
			
 
				+
			
 
				  err:
			
 
				   tor_cert_free(id_cert);
			
 
				   tor_cert_free(link_cert);