Skip to content
Snippets Groups Projects
Closed (moved) Don't allow multiple INTRODUCE1s on the same circuit
  • View options

    • Don't allow multiple INTRODUCE1s on the same circuit

    • View options
    • Closed (moved) created by George Kadianakis

    Currently, it seems like clients are able to send multiple INTRODUCE1 cells to the IP. The result is that many INTRODUCE2 cells reach the HS, which means that the HS will try to establish multiple rendezvous circuits.

    This gives a better position to attackers who want to flood a HS with rendezvous circuits (like #15463 (moved)), since with a single circuit they can cause hundreds of rendezvous.

    We should fix this in the IP-side, by closing the circuit after sending the INTRODUCE_ACK to the client. An alternate behavior, is to change the state of the circuit after INTRODUCE1 is received and close it if more such cells are received.

    Attributes

    Assignees

    None

    Labels

    024-backport 025-backport 026-backport 027-triaged-1-in 2016-bug-retrospective SponsorU component core tor/tor milestone Tor: 0.2.6.x-final parent 15463 points small priority high resolution fixed sponsor R status closed type defect version tor 0.2.7

    Milestone

    Tor: 0.2.6.x-final

    Dates

    Start: None

    Due: None

    Time tracking

    No estimate or time spent

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first