[tor-bugs] #32880 [Core Tor/Tor]: V3 handshaking state change doesn't use "connection_or_change_state()"

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jan 6 14:58:33 UTC 2020


#32880: V3 handshaking state change doesn't use "connection_or_change_state()"
--------------------------+------------------------------------
 Reporter:  opara         |          Owner:  dgoulet
     Type:  defect        |         Status:  accepted
 Priority:  Medium        |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Minor         |     Resolution:
 Keywords:  tor-chan      |  Actual Points:
Parent ID:                |         Points:  0.1
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------
Changes (by dgoulet):

 * status:  new => accepted
 * priority:  Low => Medium
 * keywords:   => tor-chan
 * points:   => 0.1
 * milestone:   => Tor: 0.4.3.x-final
 * owner:  (none) => dgoulet


Comment:

 Wow, this is a good catch!

 I believe indeed this is a bug. The part that sucks is that
 `connection_or_change_state()` is static to `connection_or.c` so we'll
 have to make it visible.

 Apart from pubsub not seeing it, I think this is harmless fortunately.

 Reason is that `enter_v3_handshake_with_cell()` seems to be reachable only
 if the connection is currently handshaking or "possibly waiting for
 renegotiation" the handshake for which these two states can never be set
 from an open channel.

 So, within `channel_tls_handle_state_change_on_orconn()`, we in theory
 never hit `channel_change_state(base_chan, CHANNEL_STATE_MAINT);`.

 Nevertheless, this is a bug since the code assumption is that every OR
 conn state change need to go through _one_ specific callsite.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32880#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list