[tor-bugs] #21621 [Core Tor/Tor]: Intro points can get stuck in CIRCUIT_PURPOSE_S_ESTABLISH_INTRO
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Mar 4 12:03:14 UTC 2017
#21621: Intro points can get stuck in CIRCUIT_PURPOSE_S_ESTABLISH_INTRO
--------------------------+------------------------------------
Reporter: teor | Owner: teor
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version: Tor: 0.2.7.2-alpha
Severity: Normal | Resolution:
Keywords: tor-hs | Actual Points:
Parent ID: #21446 | Points: 1
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by teor):
Replying to [comment:3 teor]:
> Replying to [comment:2 dgoulet]:
> > I think we do.
> >
> > `intro->circuit_established = 1;` is what signals that the intro
circuit is established and ready to be used?
>
> We only do that when the INTRO_ESTABLISHED cell is received.
> Until then, `intro->circuit_established` is 0, and it can remain in that
state forever:
> * What if the introduction point has a bug and never sends it?
This can't happen, at least in the latest version: the intro point either
sends INTRO_ESTABLISHED or closes the circuit.
It's also not possible for an OOM to cause this: on OOM, the circuit is
closed when the cells are discarded.
> * What do introduction points do when they detect a replay?
There is no replay cache: that's rend points.
(If the key is the same, the old circuit is replaced with the new circuit,
and the old circuit is closed.)
> * What if there's a deliberate attack where an intro point maintains the
circuit but never sends the INTRO_ESTABLISHED cell?
Or another bug?
Then we'd need to fix this issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21621#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list