diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-10-28 10:51:21 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-12-22 09:51:59 -0500 |
| commit | 0187bd872885343761174218529aed7058f8d636 (patch) | |
| tree | 5273d15198042382c8b89221bb23da0578f5a45d /src | |
| parent | 878a684386cd4f7570bbc221fdfccdf005611c34 (diff) | |
| download | tor-0187bd872885343761174218529aed7058f8d636.tar tor-0187bd872885343761174218529aed7058f8d636.tar.gz | |
Implement the last of proposal 110
Reject all EXTEND requests not received in a relay_early cell
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/relay.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/or/relay.c b/src/or/relay.c index 6cf4b73a5..60d439aca 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -1194,6 +1194,25 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ, "'extend' cell received for non-zero stream. Dropping."); return 0; } + if (cell->command != CELL_RELAY_EARLY) { +#define EARLY_WARNING_INTERVAL 900 + static ratelim_t early_warning_limit = + RATELIM_INIT(EARLY_WARNING_INTERVAL); + char *m; + if (cell->command == CELL_RELAY) { + if ((m = rate_limit_log(&early_warning_limit, approx_time()))) { + /* XXXX make this a protocol_warn once we're happier with it*/ + log_fn(LOG_WARN, domain, "EXTEND cell received, " + "but not via RELAY_EARLY. Dropping.%s", m); + tor_free(m); + } + } else { + log_fn(LOG_WARN, domain, + "EXTEND cell received, in a cell with type %d! Dropping.", + cell->command); + } + return 0; + } return circuit_extend(cell, circ); case RELAY_COMMAND_EXTENDED: if (!layer_hint) { |