Skip to content
Snippets Groups Projects
Closed (moved) We obey sendme cells even when we shouldn't get them
  • View options

    • We obey sendme cells even when we shouldn't get them

    • View options
    • Closed (moved) created by Roger Dingledine

    A client can send sendme cells preemptively to the exit relay, allowing:

    • cheating on her flow/congestion control, to get her bytes faster

    • DoS on the network, by adding way more cells into the network than she was supposed to.

    • perhaps a memory DoS on the entry relay, if she stops reading from the TLS connection but keeps up the blitz of sendme cells.

    I believe the fix is to tear down the circuit when we get a sendme we should not have gotten.

    Attributes

    Assignees

    None

    Labels

    component core tor/tor milestone Tor: 0.2.3.x-final priority high resolution fixed status closed tor-relay type defect

    Milestone

    Tor: 0.2.3.x-final

    Dates

    Start: None

    Due: None

    Time tracking

    No estimate or time spent

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first