author | Nick Mathewson <nickm@torproject.org> | 2008-02-10 18:40:29 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2008-02-10 18:40:29 +0000 |
commit | ab0c85eea656ad6659c2df48795e2fe28f2a2209 (patch) | |
tree | b74d4e1d18937e7ab47a374a756d564da5cb747a | |
parent | b5c03f05d8a0cb2da5df8d784c526c6b8ed7620d (diff) | |
r14103@tombo: nickm | 2008-02-10 13:40:09 -0500
Fix some XXX020s in command.c, and make it not-allowed to negotiate v1 using the v2 connection protocol: it is too hard to test, and pointless to support.
svn:r13460
-rw-r--r-- | doc/spec/proposals/130-v2-conn-protocol.txt | 4 | ||||
-rw-r--r-- | src/or/command.c | 16 |
2 files changed, 17 insertions, 3 deletions
diff --git a/doc/spec/proposals/130-v2-conn-protocol.txt b/doc/spec/proposals/130-v2-conn-protocol.txt
index a0e4a6169d..8a8ca492d6 100644
--- a/doc/spec/proposals/130-v2-conn-protocol.txt
+++ b/doc/spec/proposals/130-v2-conn-protocol.txt
@@ -173,6 +173,10 @@ Proposal:
 The Data in the cell is a series of big-endian two-byte integers.
+ * It is not allowed to negotiate V1 conections once the v2 protocol
+ has been used. If this happens, Tor instances should close the
+ connection.
+
 3. The rest of the "v2" protocol
 Once a v2 protocol has been negotiated, NETINFO cells are exchanged
diff --git a/src/or/command.c b/src/or/command.c
index ce7919ccb5..8e706cd7e0 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -446,7 +446,10 @@ command_process_destroy_cell(cell_t *cell, or_connection_t *conn)
 }
 /** Process a 'versions' cell. The current link protocol version must be 0
- * to indicate that no version has yet been negotiated. DOCDOC say more. */
+ * to indicate that no version has yet been negotiated. We compare the versions
+ * cell to the list of versions we support, and pick the highest version we
+ * have in common.
+ */
 static void
 command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
 {
@@ -473,6 +476,12 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
 "list in the VERSIONS cell; closing connection.");
 connection_mark_for_close(TO_CONN(conn));
 return;
+ } else if (highest_supported_version == 1) {
+ log_fn(LOG_PROTOCOL_WARN, LD_OR,
+ "Used version negotiation protocol to negotiate a v1 connection. "
+ "That's crazily non-compliant. Closing connection.");
+ connection_mark_for_close(TO_CONN(conn));
+ return;
 }
 conn->link_proto = highest_supported_version;
 conn->handshake_state->received_versions = 1;
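Review bot: The rewritten doc comment above command_process_versions_cell explains how a version is picked but says nothing about the cases where the function refuses the result, and this commit adds a second such case further down. Someone auditing downgrade handling has to read the body to learn that both paths close the connection. I would add one sentence before the closing `*/`: `* If there is no common version, or the best common version is 1, we close the connection: v1 may not be negotiated with a VERSIONS cell.` Most of the function body lies outside this hunk.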
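Review bot: The new `highest_supported_version == 1` branch logs the rejection without naming the peer that sent the VERSIONS cell, so a LOG_PROTOCOL_WARN line about an attempted v1 negotiation cannot be tied to a connection. The NETINFO skew message in the same file identifies the peer as `server at %s:%d`; doing the same here, for example `"Peer at %s:%d used version negotiation to negotiate a v1 connection. Closing connection."` with that message's address and port arguments, would make the event usable for triage. The visible tail of the preceding no-common-version message appears to have the same gap. The start and end of command_process_versions_cell are outside this hunk.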
@@ -568,9 +577,10 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
 if (abs(apparent_skew) > NETINFO_NOTICE_SKEW &&
 router_get_by_digest(conn->identity_digest)) {
 char dbuf[64];
- /*XXXX020 not always warn!*/
+ /*XXXX This should check the trustedness of the other side. */
+ int severity = server_mode(get_options()) ? LOG_INFO : LOG_WARN;
 format_time_interval(dbuf, sizeof(dbuf), apparent_skew);
- log_fn(LOG_WARN, LD_HTTP, "Received NETINFO cell with skewed time from "
+ log_fn(severity, LD_GENERAL, "Received NETINFO cell with skewed time from "
 "server at %s:%d. It seems that our clock is %s by %s, or "
 "that theirs is %s. Tor requires an accurate clock to work: "
 "please check your time and date settings.", |
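Review bot: Choosing the severity from `server_mode(get_options())` leaves clients at LOG_WARN for a skew reported by any peer that `router_get_by_digest()` recognises, so the "check your time and date settings" advice can still be triggered by one relay with a wrong or dishonest clock. The new XXXX comment acknowledges this but leaves it open. Keying the level on the peer would close it: `int severity = router_digest_is_trusted_dir(conn->identity_digest) ? LOG_WARN : LOG_INFO;`, assuming that routerlist helper is available on this branch. If the server/client split is kept, the comment should say why relays are demoted to LOG_INFO. The log_fn call continues past the end of the hunk.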