[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor] 01/05: relay: Don't send DESTROY remote reason backward or forward

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor] 01/05: relay: Don't send DESTROY remote reason backward or forward
From: gitolite role <git@xxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 02 Aug 2022 20:25:14 +0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 02 Aug 2022 16:25:26 -0400
In-reply-to: <165947191317.927.17517346903213664212@cupani.torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
References: <165947191317.927.17517346903213664212@cupani.torproject.org>
Reply-to: David Goulet <dgoulet@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQAAEjRWvwAI3f4YSnS8O7OlPRMuYw==

This is an automated email from the git hooks/post-receive script.

dgoulet pushed a commit to branch main
in repository tor.

commit 6fcae8e0d080d7d0875eab4a0118e8fdaf5e832c
Author: David Goulet <dgoulet@xxxxxxxxxxxxxx>
AuthorDate: Tue Aug 2 15:49:03 2022 -0400

    relay: Don't send DESTROY remote reason backward or forward
    
    Fixes #40649
    
    Signed-off-by: David Goulet <dgoulet@xxxxxxxxxxxxxx>
---
 changes/ticket40649   |  4 ++++
 src/core/or/command.c | 11 +++++++----
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/changes/ticket40649 b/changes/ticket40649
new file mode 100644
index 0000000000..28df58f106
--- /dev/null
+++ b/changes/ticket40649
@@ -0,0 +1,4 @@
+  o Minor bugfixes (relay):
+    - Do not propagate either forward or backward a DESTROY remote reason when
+      closing a circuit so to avoid a possible side channel. Fixes bug 40649;
+      bugfix on 0.1.2.4-alpha.
diff --git a/src/core/or/command.c b/src/core/or/command.c
index 65853f7844..a8b93dc9a0 100644
--- a/src/core/or/command.c
+++ b/src/core/or/command.c
@@ -629,9 +629,11 @@ command_process_destroy_cell(cell_t *cell, channel_t *chan)
   if (!CIRCUIT_IS_ORIGIN(circ) &&
       chan == TO_OR_CIRCUIT(circ)->p_chan &&
       cell->circ_id == TO_OR_CIRCUIT(circ)->p_circ_id) {
-    /* the destroy came from behind */
+    /* The destroy came from behind so nullify its p_chan. Close the circuit
+     * with a DESTROYED reason so we don't propagate along the path forward the
+     * reason which could be used as a side channel. */
     circuit_set_p_circid_chan(TO_OR_CIRCUIT(circ), 0, NULL);
-    circuit_mark_for_close(circ, reason|END_CIRC_REASON_FLAG_REMOTE);
+    circuit_mark_for_close(circ, END_CIRC_REASON_DESTROYED);
   } else { /* the destroy came from ahead */
     circuit_set_n_circid_chan(circ, 0, NULL);
     if (CIRCUIT_IS_ORIGIN(circ)) {
@@ -639,9 +641,10 @@ command_process_destroy_cell(cell_t *cell, channel_t *chan)
     } else {
       /* Close the circuit so we stop queuing cells for it and propagate the
        * DESTROY cell down the circuit so relays can stop queuing in-flight
-       * cells for this circuit which helps with memory pressure. */
+       * cells for this circuit which helps with memory pressure. We do NOT
+       * propagate the remote reason so not to create a side channel. */
       log_debug(LD_OR, "Received DESTROY cell from n_chan, closing circuit.");
-      circuit_mark_for_close(circ, reason | END_CIRC_REASON_FLAG_REMOTE);
+      circuit_mark_for_close(circ, END_CIRC_REASON_DESTROYED);
     }
   }
 }

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

References:
- [tor-commits] [tor] branch main updated (4d3f42a6f2 -> bf30943cb7)
  - From: gitolite role

Prev by Author: [tor-commits] [tor] annotated tag tor-0.4.6.11 created (now 383bc3706f)
Next by Author: [tor-commits] [tor-browser] 68/70: Bug 21952: Implement Onion-Location
Previous by thread: [tor-commits] [tor] branch main updated (4d3f42a6f2 -> bf30943cb7)
Next by thread: [tor-commits] [tor] 02/05: Merge branch 'tor-gitlab/mr/608' into maint-0.4.5
Index(es):
- Author
- Thread