author | Nick Mathewson <nickm@torproject.org> | 2021-03-03 14:13:48 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2021-03-03 14:13:48 -0500 |
commit | 952024f5c354d59d0df51b6c2fe94045fa9cb926 (patch) | |
tree | f44ac2fe5096afc7a63726ea3725d3c78314c84d /tor-spec.txt | |
parent | 46f0bb6320b1b3c3bee8c0be5aa785612fc4eec0 (diff) | |
Describe handling of END cells and half-open streams.
Originally designed in tor#25573 as part of a defense for the
DropMark attack by Rochet and Pereira.
Closes torspec#33.
Diffstat (limited to 'tor-spec.txt')
-rw-r--r-- | tor-spec.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tor-spec.txt b/tor-spec.txt index 11a991a..62b7d5d 100644 --- a/tor-spec.txt +++ b/tor-spec.txt @@ -1822,6 +1822,16 @@ see tor-design.pdf. [*] Older versions of Tor also send this reason when connections are reset. + Upon receiving a RELAY_END cell, the recipient may be sure that no further + cells will arrive on that stream, and can treat such cells as a protocol + violation. + + After sending a RELAY_END cell, the sender needs to give the recipient + time to receive that cell. In the meantime, the sender SHOULD remember + how many cells of which types (CONNECTED, SENDME, DATA) that it would have + accepted on that stream, and SHOULD kill the circuit if it receives more + than permitted. + --- [The rest of this section describes unimplemented functionality.] Because TCP connections can be half-open, we follow an equivalent |
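Review bot: In the second added paragraph, "give the recipient time to receive that cell" puts no bound on how long the sender keeps the half-open stream state, so an implementer cannot tell when the remembered per-type counts may be discarded; please state the expiry condition, for example a timeout or the point at which the permitted counts are used up. The first added paragraph uses lowercase "may" and "can" and names no action for the protocol violation, while the second uses SHOULD and says to kill the circuit; consider using the same keyword style in both and saying what the recipient does when a cell arrives after RELAY_END. The type list "(CONNECTED, SENDME, DATA)" also leaves open whether a RELAY_END from the other side that crosses in flight is accepted on the half-open stream, which is worth one sentence.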