summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-12-29 19:55:17 +0000
committerNick Mathewson <nickm@torproject.org>2008-12-29 19:55:17 +0000
commitc1c7f982d964963023abc12eeef9bcaf9000d612 (patch)
tree1a2d2fac345124ef909798832b16baea6874045f
parent145ead96edc1da55027f0fed8124ad3842dfdfbc (diff)
downloadtor-c1c7f982d964963023abc12eeef9bcaf9000d612.tar.gz
tor-c1c7f982d964963023abc12eeef9bcaf9000d612.zip
Do not not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17815
-rw-r--r--ChangeLog5
-rw-r--r--src/or/relay.c11
2 files changed, 12 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index c4f5fe3787..6dc66cbed7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,11 @@ Changes in version 0.2.1.10-alpha - 2009-01-??
send on that circuit. Otherwise we might violate the proposal-110
limit. Bugfix on 0.2.1.3-alpha. Partial fix for Bug 878. Diagnosis
thanks to Karsten.
+ - When we're sending non-EXTEND cells to the first hop in a circuit
+ (for example in order to use an encrypted directory connection), we
+ don't need to use RELAY_EARLY cells: the first hop knows what kind of
+ cell it is, and nobody else can even see the cell type. This makes
+ it easier to cannibalize circuits like this later.
o Code simplifications and refactoring:
- Change our header file guard macros to be less likely to conflict
diff --git a/src/or/relay.c b/src/or/relay.c
index 75bbf4cd23..7285c4690a 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -510,10 +510,13 @@ relay_send_command_from_edge(uint16_t stream_id, circuit_t *circ,
if (cell_direction == CELL_DIRECTION_OUT) {
origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
- if (origin_circ->remaining_relay_early_cells > 0) {
- /* If we've got any relay_early cells left, use one. Don't worry
- * about the conn protocol version: append_cell_to_circuit_queue will
- * fix it up. */
+ if (origin_circ->remaining_relay_early_cells > 0 &&
+ (relay_command == RELAY_COMMAND_EXTEND ||
+ cpath_layer != origin_circ->cpath)) {
+ /* If we've got any relay_early cells left, and we're sending a relay
+ * cell or we're not talking to the first hop, use one of them. Don't
+ * worry about the conn protocol version: append_cell_to_circuit_queue
+ * will fix it up. */
cell.command = CELL_RELAY_EARLY;
--origin_circ->remaining_relay_early_cells;
log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.",