[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Implement the last of proposal 110

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/master] Implement the last of proposal 110
From: arma@xxxxxxxxxxxxxx
Date: Sun, 25 Dec 2011 22:46:27 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 25 Dec 2011 17:46:57 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 0187bd872885343761174218529aed7058f8d636
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Fri Oct 28 10:51:21 2011 -0400

    Implement the last of proposal 110
    
    Reject all EXTEND requests not received in a relay_early cell
---
 changes/prop110 |    7 +++++++
 src/or/relay.c  |   19 +++++++++++++++++++
 2 files changed, 26 insertions(+), 0 deletions(-)

diff --git a/changes/prop110 b/changes/prop110
new file mode 100644
index 0000000..843595e
--- /dev/null
+++ b/changes/prop110
@@ -0,0 +1,7 @@
+  o Major features:
+    - Now that Tor 0.2.0.x is completely deprecated, we can enable the
+      final part of "Proposal 110: Avoiding infinite length circuits"
+      by refusing all circuit-extend requests that do not appear in a
+      "relay_early" cell. This change helps Tor to resist a class of
+      denial-of-service attacks by limiting the maximum circuit length.
+
diff --git a/src/or/relay.c b/src/or/relay.c
index 6cf4b73..60d439a 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -1194,6 +1194,25 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ,
                "'extend' cell received for non-zero stream. Dropping.");
         return 0;
       }
+      if (cell->command != CELL_RELAY_EARLY) {
+#define EARLY_WARNING_INTERVAL 900
+        static ratelim_t early_warning_limit =
+          RATELIM_INIT(EARLY_WARNING_INTERVAL);
+        char *m;
+        if (cell->command == CELL_RELAY) {
+          if ((m = rate_limit_log(&early_warning_limit, approx_time()))) {
+            /* XXXX make this a protocol_warn once we're happier with it*/
+            log_fn(LOG_WARN, domain, "EXTEND cell received, "
+                   "but not via RELAY_EARLY. Dropping.%s", m);
+            tor_free(m);
+          }
+        } else {
+          log_fn(LOG_WARN, domain,
+                 "EXTEND cell received, in a cell with type %d! Dropping.",
+                 cell->command);
+        }
+        return 0;
+      }
       return circuit_extend(cell, circ);
     case RELAY_COMMAND_EXTENDED:
       if (!layer_hint) {



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/master] Merge remote-tracking branch 'nickm/prop110_v2'
Next by Author: [tor-commits] [tor/master] Allow prop110 violations if AllowNonearlyExtend is set in consensus
Previous by thread: [tor-commits] [tor/master] Merge remote-tracking branch 'nickm/prop110_v2'
Next by thread: [tor-commits] [tor/master] Allow prop110 violations if AllowNonearlyExtend is set in consensus
Index(es):
- Author
- Thread