diff options
| author | Nick Mathewson <nickm@torproject.org> | 2008-12-29 19:55:13 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2008-12-29 19:55:13 +0000 |
| commit | 145ead96edc1da55027f0fed8124ad3842dfdfbc (patch) | |
| tree | 040bd30b0a39d51a374cac933a370b08ce53e979 | |
| parent | a332805a55ce750ea3238b4e758a7542d0afcd1b (diff) | |
| download | tor-145ead96edc1da55027f0fed8124ad3842dfdfbc.tar.gz tor-145ead96edc1da55027f0fed8124ad3842dfdfbc.zip | |
Do not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17814
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | src/or/circuitlist.c | 3 |
2 files changed, 6 insertions, 6 deletions
@@ -14,6 +14,10 @@ Changes in version 0.2.1.10-alpha - 2009-01-?? o Minor bugfixes: - Make get_interface_address() function work properly again; stop guessing the wrong parts of our address as our address. + - Do not cannibalize a circuit if we're out of RELAY_EARLY cells to + send on that circuit. Otherwise we might violate the proposal-110 + limit. Bugfix on 0.2.1.3-alpha. Partial fix for Bug 878. Diagnosis + thanks to Karsten. o Code simplifications and refactoring: - Change our header file guard macros to be less likely to conflict @@ -635,11 +639,6 @@ Changes in version 0.2.1.3-alpha - 2008-08-03 reason is NO_ROUTE (that is, our network is down). o Major features: - - Implement most of proposal 110: The first K cells to be sent - along a circuit are marked as special "early" cells; only K "early" - cells will be allowed. Once this code is universal, we can block - certain kinds of DOS attack by requiring that EXTEND commands must - be sent using an "early" cell. o Major bugfixes: - Try to attach connections immediately upon receiving a RENDEZVOUS2 diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 4e5d603e1e..c807aaa457 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -896,7 +896,8 @@ circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info, origin_circuit_t *circ = TO_ORIGIN_CIRCUIT(_circ); if ((!need_uptime || circ->build_state->need_uptime) && (!need_capacity || circ->build_state->need_capacity) && - (internal == circ->build_state->is_internal)) { + (internal == circ->build_state->is_internal) && + circ->remaining_relay_early_cells) { if (info) { /* need to make sure we don't duplicate hops */ crypt_path_t *hop = circ->cpath; |