diff options
| -rw-r--r-- | changes/bug9072 | 3 | ||||
| -rw-r--r-- | src/or/relay.c | 5 |
2 files changed, 8 insertions, 0 deletions
diff --git a/changes/bug9072 b/changes/bug9072 new file mode 100644 index 0000000000..e594a38335 --- /dev/null +++ b/changes/bug9072 @@ -0,0 +1,3 @@ + o Critical bugfixes: + - Disable middle relay queue overfill detection code due to possible + guard discovery attack, pending further analysis. Fixes bug #9072. diff --git a/src/or/relay.c b/src/or/relay.c index a26d4186d0..0f21663bcd 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -2482,6 +2482,10 @@ append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, streams_blocked = circ->streams_blocked_on_p_chan; } + /* + * Disabling this for now because of a possible guard discovery attack + */ +#if 0 /* Are we a middle circuit about to exceed ORCIRC_MAX_MIDDLE_CELLS? */ if ((circ->n_chan != NULL) && CIRCUIT_IS_ORCIRC(circ)) { orcirc = TO_OR_CIRCUIT(circ); @@ -2505,6 +2509,7 @@ append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, } } } +#endif cell_queue_append_packed_copy(queue, cell, chan->wide_circ_ids); |