diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-04-27 12:02:55 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-04-27 12:02:55 -0400 |
| commit | 9df89aacbd9cac69660a5199ab6eca5ee5fc3ba7 (patch) | |
| tree | 7d0b140f9d573038af498e85eef9f7defc623053 | |
| parent | 9dddfe83f3041e1504d2def5622633eb59a9756f (diff) | |
| download | tor-9df89aacbd9cac69660a5199ab6eca5ee5fc3ba7.tar tor-9df89aacbd9cac69660a5199ab6eca5ee5fc3ba7.tar.gz | |
Close OR connections that send junk before AUTHORIZE/VERSIONS
Fix for 4369.
| -rw-r--r-- | changes/bug4369 | 3 | ||||
| -rw-r--r-- | src/or/command.c | 16 |
2 files changed, 16 insertions, 3 deletions
diff --git a/changes/bug4369 b/changes/bug4369 new file mode 100644 index 000000000..c444102b5 --- /dev/null +++ b/changes/bug4369 @@ -0,0 +1,3 @@ + o Minor features: + - Close any connection that sends unrecognized junk before the + handshake. Solves an issue noted in bug 4369. diff --git a/src/or/command.c b/src/or/command.c index fb281a7f9..7c4556ea3 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -160,9 +160,11 @@ command_process_cell(cell_t *cell, or_connection_t *conn) if (handshaking && cell->command != CELL_VERSIONS && cell->command != CELL_NETINFO) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, - "Received unexpected cell command %d in state %s; ignoring it.", + "Received unexpected cell command %d in state %s; closing the " + "connection", (int)cell->command, conn_state_to_string(CONN_TYPE_OR,conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); return; } @@ -258,8 +260,15 @@ command_process_var_cell(var_cell_t *cell, or_connection_t *conn) switch (conn->_base.state) { case OR_CONN_STATE_OR_HANDSHAKING_V2: - if (cell->command != CELL_VERSIONS) + if (cell->command != CELL_VERSIONS) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Received a cell with command %d in state %s; " + "closing the connection.", + (int)cell->command, + conn_state_to_string(CONN_TYPE_OR,conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); return; + } break; case OR_CONN_STATE_TLS_HANDSHAKING: /* If we're using bufferevents, it's entirely possible for us to @@ -272,9 +281,10 @@ command_process_var_cell(var_cell_t *cell, or_connection_t *conn) if (! command_allowed_before_handshake(cell->command)) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Received a cell with command %d in state %s; " - "ignoring it.", + "closing the connection.", (int)cell->command, conn_state_to_string(CONN_TYPE_OR,conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); return; } else { if (enter_v3_handshake_with_cell(cell, conn)<0) |