diff options
| author | Andrea Shepard <andrea@torproject.org> | 2013-06-15 02:16:00 -0700 |
|---|---|---|
| committer | Andrea Shepard <andrea@torproject.org> | 2013-06-15 02:16:00 -0700 |
| commit | 2a95f3171681ee53c97ccba9d80f4454b462aaa7 (patch) | |
| tree | ca9862a6144f78c1c45c3a28cff26dbbeacf180a | |
| parent | d780cd5fd428176ebf4a72610ec4066c18346c09 (diff) | |
| download | tor-2a95f3171681ee53c97ccba9d80f4454b462aaa7.tar tor-2a95f3171681ee53c97ccba9d80f4454b462aaa7.tar.gz | |
Disable middle relay queue overfill detection code due to possible guard discovery attack
| -rw-r--r-- | changes/bug9072 | 3 | ||||
| -rw-r--r-- | src/or/relay.c | 5 |
2 files changed, 8 insertions, 0 deletions
diff --git a/changes/bug9072 b/changes/bug9072 new file mode 100644 index 000000000..e594a3833 --- /dev/null +++ b/changes/bug9072 @@ -0,0 +1,3 @@ + o Critical bugfixes: + - Disable middle relay queue overfill detection code due to possible + guard discovery attack, pending further analysis. Fixes bug #9072. diff --git a/src/or/relay.c b/src/or/relay.c index 087459c5c..fdb4bff70 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -2548,6 +2548,10 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn, streams_blocked = circ->streams_blocked_on_p_conn; } + /* + * Disabling this for now because of a possible guard discovery attack + */ +#if 0 /* Are we a middle circuit about to exceed ORCIRC_MAX_MIDDLE_CELLS? */ if ((circ->n_conn != NULL) && CIRCUIT_IS_ORCIRC(circ)) { orcirc = TO_OR_CIRCUIT(circ); @@ -2566,6 +2570,7 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn, } } } +#endif cell_queue_append_packed_copy(queue, cell); |