#24902: Denial of Service mitigation subsystem -------------------------------------------------+------------------------- Reporter: dgoulet | Owner: dgoulet Type: enhancement | Status: | needs_review Priority: Very High | Milestone: Tor: | 0.3.3.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: ddos, tor-relay, review-group-30, | Actual Points: 029-backport, 031-backport, 032-backport, | review-group-31 | Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by arma): I've been running dgoulet's ticket24902_029_04 with the following additional patch to make channel_is_client() not be a lie: {{{ diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 09cca95..7ad8a8c 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -1640,6 +1640,7 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls tor_assert(tor_digest_is_zero( (const char*)(chan->conn->handshake_state-> authenticated_peer_id))); + channel_mark_client(TLS_CHAN_TO_BASE(chan)); channel_set_circid_type(TLS_CHAN_TO_BASE(chan), NULL, chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS); diff --git a/src/or/connection_or.c b/src/or/connection_or.c index dadfdc4..8beedca 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1880,6 +1880,12 @@ connection_or_set_state_open(or_connection_t *conn) connection_or_change_state(conn, OR_CONN_STATE_OPEN); control_event_or_conn_status(conn, OR_CONN_EVENT_CONNECTED, 0); + /* Link protocol 3 appeared in Tor 0.2.3.6-alpha, so any connection + * that uses an earlier link protocol should not be treated as a relay. */ + if (conn->link_proto < 3) { + channel_mark_client(TLS_CHAN_TO_BASE(conn->chan)); + } + or_handshake_state_free(conn->handshake_state); conn->handshake_state = NULL; connection_start_reading(TO_CONN(conn)); }}} -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:36> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs