Should Hidden Service answer if a wrong 'begin' cell?
After fix of 444, HS not anymore closing circuits if a wrong 'begin' cells received. However they never sended 'RELAY_END' cells also. So well-behaved clients don't known if problems happened.
On other hand, if HS answers then attacker can measure latency (bad 'begin' <-> 'end' cell) on Tor-level so long as he want. (just IMO)
if HS should answer, then a fix:
--- connection_edge.original.c Mon Sep 29 19:20:02 2008 +++ connection_edge.c Mon Oct 20 15:34:18 2008 @@ -2566,7 +2566,7 @@ n_stream->_base.port); end_payload[0] = END_STREAM_REASON_EXITPOLICY; relay_send_command_from_edge(rh.stream_id, circ, RELAY_COMMAND_END,
-
end_payload, 1, NULL);
-
end_payload, 1, origin_circ->cpath->prev); connection_free(TO_CONN(n_stream)); tor_free(address); return 0;
[Automatically added by flyspray2trac: Operating System: All]
Trac:
Username: rovv