[tor/master] Even when we can't answer an AUTH_CHALLENGE, send NETINFO.
commit 325a659cb16350b1e28db803e2e673068ca2eb82 Author: Nick Mathewson <nickm@torproject.org> Date: Thu Nov 3 12:40:02 2011 -0400 Even when we can't answer an AUTH_CHALLENGE, send NETINFO. Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty". --- changes/bug4368 | 4 ++++ src/or/command.c | 25 +++++++++++++++++-------- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/changes/bug4368 b/changes/bug4368 new file mode 100644 index 0000000..54b4882 --- /dev/null +++ b/changes/bug4368 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - If a relay receives an AUTH_CHALLENGE it can't answer, it should + still send a NETINFO cell to allow the connection to become open. + Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty". diff --git a/src/or/command.c b/src/or/command.c index 6eb261c..5d0ebaa 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -1100,7 +1100,14 @@ command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn) conn->handshake_state->received_auth_challenge = 1; - if (use_type >= 0 && public_server_mode(get_options())) { + if (! public_server_mode(get_options())) { + /* If we're not a public server then we don't want to authenticate on a + connection we originated, and we already sent a NETINFO cell when we + got the CERTS cell. We have nothing more to do. */ + return; + } + + if (use_type >= 0) { log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Sending " "authentication", safe_str(conn->_base.address), conn->_base.port); @@ -1110,16 +1117,18 @@ command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn) connection_mark_for_close(TO_CONN(conn)); return; } - if (connection_or_send_netinfo(conn) < 0) { - log_warn(LD_OR, "Couldn't send netinfo cell"); - connection_mark_for_close(TO_CONN(conn)); - return; - } } else { - log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Not " - "authenticating", + log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d, but we don't " + "know any of its authentication types. Not authenticating.", safe_str(conn->_base.address), conn->_base.port); } + + if (connection_or_send_netinfo(conn) < 0) { + log_warn(LD_OR, "Couldn't send netinfo cell"); + connection_mark_for_close(TO_CONN(conn)); + return; + } + #undef ERR }
participants (1)
-
nickm@torproject.org