diff options
author | David Goulet <dgoulet@torproject.org> | 2019-05-07 09:16:39 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2019-05-22 11:47:20 -0400 |
commit | 59b9eecc19877f38b2c9d8b4f7964c6e9875f4c0 (patch) | |
tree | 0d993ae7bbf40127fc9779053802df558ecb339d /src/core/or/sendme.h | |
parent | d71fa707dd01bdaa2ed301e82ace6fd23f63e638 (diff) | |
download | tor-59b9eecc19877f38b2c9d8b4f7964c6e9875f4c0.tar.gz tor-59b9eecc19877f38b2c9d8b4f7964c6e9875f4c0.zip |
sendme: Record cell digest on both client and exit
It turns out that only the exit side is validating the authenticated SENDME v1
logic and never the client side. Which means that if a client ever uploaded
data towards an exit, the authenticated SENDME logic wouldn't apply.
For this to work, we have to record the cell digest client side as well which
introduced a new function that supports both type of edges.
This also removes a test that is not valid anymore which was that we didn't
allow cell recording on an origin circuit (client).
Part of #30428
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/core/or/sendme.h')
-rw-r--r-- | src/core/or/sendme.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h index ac18bbdd31..2fb73f76d9 100644 --- a/src/core/or/sendme.h +++ b/src/core/or/sendme.h @@ -35,8 +35,9 @@ int sendme_note_circuit_data_packaged(circuit_t *circ, int sendme_note_stream_data_packaged(edge_connection_t *conn); /* Track cell digest. */ -void sendme_record_cell_digest(circuit_t *circ); void sendme_circuit_record_outbound_cell(or_circuit_t *or_circ); +/* Record cell digest on circuit. */ +void sendme_record_cell_digest_on_circ(circuit_t *circ, crypt_path_t *cpath); /* Circuit level information. */ bool sendme_circuit_cell_is_next(int window); |