Opened 9 years ago

Closed 9 years ago

Last modified 8 years ago

#4368 closed defect (fixed)

If we wanted to authenticate but we don't like the auth challenge, we never send a netinfo cell

Reported by: arma Owned by:
Priority: Medium Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version: Tor:
Severity: Keywords: tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Once we fix #4367 it will be the case that a relay (initiator) who wants to authenticate, but gets a CELL_AUTH_CHALLENGE cell that it doesn't like (because it has no auth methods that the relay knows), ends up dropping the authenticate cell.

But then the initiator sends no netinfo cell.

The result is that the initiator thinks the connection is open (it drops the authenticate cell, but it already set conn->handshake_state->authenticated to 1 in command_process_cert_cell(), so when it receives the netinfo cell from the responder it will happily process it and end with connection_or_set_state_open()).

But the responder doesn't think the conn is open, since it's not gotten a netinfo cell.

The initiator will presumably then send another cell (e.g. a CREATE cell), since it initiated the connection for a reason. That cell will be silently dropped by the responder:

  if (handshaking && cell->command != CELL_VERSIONS &&
      cell->command != CELL_NETINFO) {
           "Received unexpected cell command %d in state %s; ignoring it.",

leaving the initiator wondering why it's talking to a black hole. Fun!

Child Tickets

Change History (5)

comment:1 Changed 9 years ago by nickm

Status: newneeds_review

see branch "bug4367" in my public repository for this one. (I had to do it on top of the #4367 fix, since it touches the same code.)

comment:2 Changed 9 years ago by Sebastian

Branch looks good (including #4367 fix) to me.

comment:3 Changed 9 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Applying and closing. Thanks for the review!

comment:4 Changed 8 years ago by nickm

Keywords: tor-relay added

comment:5 Changed 8 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.