From b10735903b8135c9295e356ad7ea2222a339ab14 Mon Sep 17 00:00:00 2001
From: Robert Ransom <rransom.8774@gmail.com>
Date: Sat, 10 Sep 2011 20:54:26 -0400
Subject: Demote HS 'replay detected' log message for DH public keys to info
 level

---
 changes/bug2442 | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 changes/bug2442

(limited to 'changes')

diff --git a/changes/bug2442 b/changes/bug2442
new file mode 100644
index 000000000..cbcc22bb8
--- /dev/null
+++ b/changes/bug2442
@@ -0,0 +1,8 @@
+  * Minor bugfixes:
+
+    - Demote the 'replay detected' log message emitted when a hidden
+      service receives the same Diffie-Hellman public key in two
+      different INTRODUCE2 cells to info level.  A normal Tor client
+      can cause that log message during its normal operation.  Bugfix
+      on 0.2.1.6-alpha; fixes part of bug 2442.
+
-- 
cgit v1.2.3


From 8ea6d29fe468dc91d1c7dfc45ad5b4196e89ebdd Mon Sep 17 00:00:00 2001
From: Robert Ransom <rransom.8774@gmail.com>
Date: Sat, 10 Sep 2011 21:40:09 -0400
Subject: Demote 'INTRODUCE2 cell is too {old,new}' message to info level

---
 changes/bug2442b     | 8 ++++++++
 src/or/rendservice.c | 4 +++-
 2 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 changes/bug2442b

(limited to 'changes')

diff --git a/changes/bug2442b b/changes/bug2442b
new file mode 100644
index 000000000..02e1636e9
--- /dev/null
+++ b/changes/bug2442b
@@ -0,0 +1,8 @@
+  * Minor bugfixes:
+
+    - Demote the 'INTRODUCE2 cell is too {old,new}' log message to
+      info level.  There is nothing that a hidden service's operator
+      can do to fix its clients' clocks.  Bugfix on 0.2.1.6-alpha;
+      fixes part of bug 2442.
+
+
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 5f55537bc..6ed9650fc 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -1019,7 +1019,9 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
     v3_shift += 4;
     if ((now - ts) < -1 * REND_REPLAY_TIME_INTERVAL / 2 ||
         (now - ts) > REND_REPLAY_TIME_INTERVAL / 2) {
-      log_warn(LD_REND, "INTRODUCE2 cell is too %s. Discarding.",
+      /* This is far more likely to mean that a client's clock is
+       * skewed than that a replay attack is in progress. */
+      log_info(LD_REND, "INTRODUCE2 cell is too %s. Discarding.",
                (now - ts) < 0 ? "old" : "new");
       return -1;
     }
-- 
cgit v1.2.3