[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Merge origin/maint-0.2.2 for 6007_strict

commit 41e8bee188571ca61c2f5628ea99dff34343d673
Merge: 329e1c6 491dc3a
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Mon Jun 4 11:47:36 2012 -0400

    Merge origin/maint-0.2.2 for 6007_strict
    
    This code shouldn't have any effect in 0.2.3, since we already accept
    (and handle) data received while we are expecting a renegotiation.
    (That's because the 0.2.3.x handshake _does_ have data there instead of
    the renegotiation.)
    
    I'm leaving it in anyway, since if it breaks anything, we'll want it
    broken in master too so we can find out about it.  I added an XXX023
    comment so that we can come back later and fix that.

 changes/bug6007        |    5 +++++
 src/or/connection_or.c |   28 ++++++++++++++++++++++++++--
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --cc src/or/connection_or.c
index 8f88292,cb0082b..8aec5d2
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@@ -376,21 -232,25 +381,40 @@@ connection_or_process_inbuf(or_connecti
        }
  
        return ret;
 +    case OR_CONN_STATE_TLS_SERVER_RENEGOTIATING:
 +#ifdef USE_BUFFEREVENTS
 +      if (tor_tls_server_got_renegotiate(conn->tls))
 +        connection_or_tls_renegotiated_cb(conn->tls, conn);
 +      if (conn->_base.marked_for_close)
 +        return 0;
 +      /* fall through. */
 +#endif
      case OR_CONN_STATE_OPEN:
 -    case OR_CONN_STATE_OR_HANDSHAKING:
 +    case OR_CONN_STATE_OR_HANDSHAKING_V2:
 +    case OR_CONN_STATE_OR_HANDSHAKING_V3:
        return connection_or_process_cells_from_inbuf(conn);
      default:
-       return 0; /* don't do anything */
+       break; /* don't do anything */
+   }
+ 
++  /* This check was necessary with 0.2.2, when the TLS_SERVER_RENEGOTIATING
++   * check would otherwise just let data accumulate.  It serves no purpose
++   * in 0.2.3.
++   *
++   * XXX023 Remove this check once we verify that the above paragraph is
++   * 100% true. */
+   if (buf_datalen(conn->_base.inbuf) > MAX_OR_INBUF_WHEN_NONOPEN) {
+     log_fn(LOG_PROTOCOL_WARN, LD_NET, "Accumulated too much data (%d bytes) "
+ 	   "on nonopen OR connection %s %s:%u in state %s; closing.",
+ 	   (int)buf_datalen(conn->_base.inbuf),
+ 	   connection_or_nonopen_was_started_here(conn) ? "to" : "from",
+ 	   conn->_base.address, conn->_base.port,
+ 	   conn_state_to_string(conn->_base.type, conn->_base.state));
+     connection_mark_for_close(TO_CONN(conn));
+     ret = -1;
    }
+ 
+   return ret;
  }
  
  /** When adding cells to an OR connection's outbuf, keep adding until the

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits