diff options
| author | Roger Dingledine <arma@torproject.org> | 2014-07-28 02:44:05 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2014-07-28 02:44:05 -0400 |
| commit | 68a2e4ca4baa595cc4595a511db11fa7ccbbc8f7 (patch) | |
| tree | d477a74320b3b6ede3e149a900eb66d21e018a42 | |
| parent | 8882dcfc598edde4d78c14ea0b90c8ed7f189274 (diff) | |
| download | tor-68a2e4ca4baa595cc4595a511db11fa7ccbbc8f7.tar.gz tor-68a2e4ca4baa595cc4595a511db11fa7ccbbc8f7.zip | |
Warn and drop the circuit if we receive an inbound 'relay early' cell
Those used to be normal to receive on hidden service circuits due to bug
1038, but the buggy Tor versions are long gone from the network so we
can afford to resume watching for them. Resolves the rest of bug 1038;
bugfix on 0.2.1.19.
| -rw-r--r-- | changes/bug1038-3 | 6 | ||||
| -rw-r--r-- | src/or/command.c | 20 |
2 files changed, 22 insertions, 4 deletions
diff --git a/changes/bug1038-3 b/changes/bug1038-3 new file mode 100644 index 0000000000..5af4afa46f --- /dev/null +++ b/changes/bug1038-3 @@ -0,0 +1,6 @@ + o Minor bugfixes: + - Warn and drop the circuit if we receive an inbound 'relay early' + cell. Those used to be normal to receive on hidden service circuits + due to bug 1038, but the buggy Tor versions are long gone from + the network so we can afford to resume watching for them. Resolves + the rest of bug 1038; bugfix on 0.2.1.19. diff --git a/src/or/command.c b/src/or/command.c index 51d07b0485..78fd4fad33 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -443,10 +443,22 @@ command_process_relay_cell(cell_t *cell, channel_t *chan) * gotten no more than MAX_RELAY_EARLY_CELLS_PER_CIRCUIT of them. */ if (cell->command == CELL_RELAY_EARLY) { if (direction == CELL_DIRECTION_IN) { - /* Allow an unlimited number of inbound relay_early cells, - * for hidden service compatibility. There isn't any way to make - * a long circuit through inbound relay_early cells anyway. See - * bug 1038. -RD */ + /* Inbound early cells could once be encountered as a result of + * bug 1038; but relays running versions before 0.2.1.19 are long + * gone from the network, so any such cells now are surprising. */ + log_warn(LD_OR, + "Received an inbound RELAY_EARLY cell on circuit %u." + " Closing circuit. Please report this event," + " along with the following message.", + (unsigned)cell->circ_id); + if (CIRCUIT_IS_ORIGIN(circ)) { + circuit_log_path(LOG_WARN, LD_OR, TO_ORIGIN_CIRCUIT(circ)); + } else if (circ->n_chan) { + log_warn(LD_OR, " upstream=%s", + channel_get_actual_remote_descr(circ->n_chan)); + } + circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL); + return; } else { or_circuit_t *or_circ = TO_OR_CIRCUIT(circ); if (or_circ->remaining_relay_early_cells == 0) { |