summaryrefslogtreecommitdiff
path: root/doc/spec
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2008-08-20 05:21:43 +0000
committerRoger Dingledine <arma@torproject.org>2008-08-20 05:21:43 +0000
commit8f5642edbc9549e260b923186bc98e0fb4e8cf6e (patch)
treed1f6bb74744e742c5f65edd66a92afa125246f75 /doc/spec
parentcc8b2247bfcecae2fe96d4133c8f403db06c93f7 (diff)
downloadtor-8f5642edbc9549e260b923186bc98e0fb4e8cf6e.tar.gz
tor-8f5642edbc9549e260b923186bc98e0fb4e8cf6e.zip
Relays now reject risky extend cells: if the extend cell includes
a digest of all zeroes, or asks to extend back to the relay that sent the extend cell, tear down the circuit. Ideas suggested by rovv. svn:r16605
Diffstat (limited to 'doc/spec')
-rw-r--r--doc/spec/tor-spec.txt14
1 files changed, 8 insertions, 6 deletions
diff --git a/doc/spec/tor-spec.txt b/doc/spec/tor-spec.txt
index 74b3a250b6..e0a10a32d6 100644
--- a/doc/spec/tor-spec.txt
+++ b/doc/spec/tor-spec.txt
@@ -398,9 +398,9 @@ see tor-design.pdf.
The port and address field denote the IPV4 address and port of the next
onion router in the circuit; the public key hash is the hash of the PKCS#1
ASN1 encoding of the next onion router's identity (signing) key. (See 0.3
- above.) (Including this hash allows the extending OR verify that it is
+ above.) Including this hash allows the extending OR verify that it is
indeed connected to the correct target OR, and prevents certain
- man-in-the-middle attacks.)
+ man-in-the-middle attacks.
The payload for a CREATED cell, or the relay payload for an
EXTENDED cell, contains:
@@ -525,10 +525,12 @@ see tor-design.pdf.
When an onion router receives an EXTEND relay cell, it sends a CREATE
cell to the next onion router, with the enclosed onion skin as its
- payload. The initiating onion router chooses some circID not yet
- used on the connection between the two onion routers. (But see
- section 5.1. above, concerning choosing circIDs based on
- lexicographic order of nicknames.)
+ payload. As special cases, if the extend cell includes a digest of
+ all zeroes, or asks to extend back to the relay that sent the extend
+ cell, the circuit will fail and be torn down. The initiating onion
+ router chooses some circID not yet used on the connection between the
+ two onion routers. (But see section 5.1. above, concerning choosing
+ circIDs based on lexicographic order of nicknames.)
When an onion router receives a CREATE cell, if it already has a
circuit on the given connection with the given circID, it drops the