[tor-commits] [torspec/master] Describe handling of END cells and half-open streams.

nickm at torproject.org nickm at torproject.org
Wed Mar 3 19:14:24 UTC 2021


commit 952024f5c354d59d0df51b6c2fe94045fa9cb926
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Mar 3 14:13:48 2021 -0500

    Describe handling of END cells and half-open streams.
    
    Originally designed in tor#25573 as part of a defense for the
    DropMark attack by Rochet and Pereira.
    
    Closes torspec#33.
---
 tor-spec.txt | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/tor-spec.txt b/tor-spec.txt
index 11a991a..62b7d5d 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -1822,6 +1822,16 @@ see tor-design.pdf.
    [*] Older versions of Tor also send this reason when connections are
        reset.
 
+   Upon receiving a RELAY_END cell, the recipient may be sure that no further
+   cells will arrive on that stream, and can treat such cells as a protocol
+   violation.
+
+   After sending a RELAY_END cell, the sender needs to give the recipient
+   time to receive that cell.  In the meantime, the sender SHOULD remember
+   how many cells of which types (CONNECTED, SENDME, DATA) that it would have
+   accepted on that stream, and SHOULD kill the circuit if it receives more
+   than permitted.
+
    --- [The rest of this section describes unimplemented functionality.]
 
    Because TCP connections can be half-open, we follow an equivalent



More information about the tor-commits mailing list