[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Also raise the check for 0 circuit ID in created cell.
commit f9f450d688cc74403393dbe579ca9d92d98bfe13
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed Jun 11 09:33:20 2014 -0400
Also raise the check for 0 circuit ID in created cell.
And add a comment about why conditions that would cause us to drop a
cell should get checked before actions that would cause us to send a
destroy cell.
Spotted by 'cypherpunks'.
And note that these issues have been present since 0.0.8pre1 (commit
0da256ef), where we added a "shutting down" state, and started
responding to all create cells with DESTROY when shutting down.
---
changes/bug12191 | 7 ++++---
src/or/command.c | 19 +++++++++++--------
2 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/changes/bug12191 b/changes/bug12191
index 7fe1c55..77589ab 100644
--- a/changes/bug12191
+++ b/changes/bug12191
@@ -1,6 +1,7 @@
o Minor bugfixes:
- - We now drop CREATE cells for already-existent circuit IDs, regardless
- of other factors that might otherwise have called for DESTROY cells.
- Fixes bug 12191; bugfix on 0.2.???
+ - We now drop CREATE cells for already-existent circuit IDs and
+ for zero-valued circuit IDs, regardless of other factors that
+ might otherwise have called for DESTROY cells. Fixes bug 12191;
+ bugfix on 0.0.8pre1.
diff --git a/src/or/command.c b/src/or/command.c
index 51fb640..fa2a0e7 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -227,6 +227,17 @@ command_process_create_cell(cell_t *cell, channel_t *chan)
(unsigned)cell->circ_id,
U64_PRINTF_ARG(chan->global_identifier), chan);
+ /* We check for the conditions that would make us drop the cell before
+ * we check for the conditions that would make us send a DESTROY back,
+ * since those conditions would make a DESTROY nonsensical. */
+ if (cell->circ_id == 0) {
+ log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+ "Received a create cell (type %d) from %s with zero circID; "
+ " ignoring.", (int)cell->command,
+ channel_get_actual_remote_descr(chan));
+ return;
+ }
+
if (circuit_id_in_use_on_channel(cell->circ_id, chan)) {
const node_t *node = node_get_by_id(chan->identity_digest);
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
@@ -265,14 +276,6 @@ command_process_create_cell(cell_t *cell, channel_t *chan)
return;
}
- if (cell->circ_id == 0) {
- log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
- "Received a create cell (type %d) from %s with zero circID; "
- " ignoring.", (int)cell->command,
- channel_get_actual_remote_descr(chan));
- return;
- }
-
/* If the high bit of the circuit ID is not as expected, close the
* circ. */
if (chan->wide_circ_ids)
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits