Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Warn and drop the circuit if we receive an inbound 'relay early' cell

Those used to be normal to receive on hidden service circuits due to bug
1038, but the buggy Tor versions are long gone from the network so we
can afford to resume watching for them. Resolves the rest of bug 1038;
bugfix on 0.2.1.19.
Roger Dingledine 10 years ago
parent
8882dcfc59
commit
68a2e4ca4b
2 changed files with 22 additions and 4 deletions
Unified View Show Diff Stats
  1. 6 0
      changes/bug1038-3
  2. 16 4
      src/or/command.c

+ 6 - 0
changes/bug1038-3
View File 

@@ -0,0 +1,6 @@
 
+  o Minor bugfixes:
 
+    - Warn and drop the circuit if we receive an inbound 'relay early'
 
+      cell. Those used to be normal to receive on hidden service circuits
 
+      due to bug 1038, but the buggy Tor versions are long gone from
 
+      the network so we can afford to resume watching for them. Resolves
 
+      the rest of bug 1038; bugfix on 0.2.1.19.

+ 16 - 4
src/or/command.c
View File 

@@ -443,10 +443,22 @@ command_process_relay_cell(cell_t *cell, channel_t *chan)
 
    * gotten no more than MAX_RELAY_EARLY_CELLS_PER_CIRCUIT of them. */
 
    * gotten no more than MAX_RELAY_EARLY_CELLS_PER_CIRCUIT of them. */
 
   if (cell->command == CELL_RELAY_EARLY) {
 
   if (cell->command == CELL_RELAY_EARLY) {
 
     if (direction == CELL_DIRECTION_IN) {
 
     if (direction == CELL_DIRECTION_IN) {
 
-      /* Allow an unlimited number of inbound relay_early cells,
 
+      /* Inbound early cells could once be encountered as a result of
 
-       * for hidden service compatibility. There isn't any way to make
 
+       * bug 1038; but relays running versions before 0.2.1.19 are long
 
-       * a long circuit through inbound relay_early cells anyway. See
 
+       * gone from the network, so any such cells now are surprising. */
 
-       * bug 1038. -RD */
 
+      log_warn(LD_OR,
 
+               "Received an inbound RELAY_EARLY cell on circuit %u."
 
+               " Closing circuit. Please report this event,"
 
+               " along with the following message.",
 
+               (unsigned)cell->circ_id);
 
+      if (CIRCUIT_IS_ORIGIN(circ)) {
 
+        circuit_log_path(LOG_WARN, LD_OR, TO_ORIGIN_CIRCUIT(circ));
 
+      } else if (circ->n_chan) {
 
+        log_warn(LD_OR, " upstream=%s",
 
+                 channel_get_actual_remote_descr(circ->n_chan));
 
+      }
 
+      circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL);
 
+      return;
 
     } else {
 
     } else {
 
       or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
 
       or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
 
       if (or_circ->remaining_relay_early_cells == 0) {
 
       if (or_circ->remaining_relay_early_cells == 0) {