mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Merge branch 'maint-0.4.5' into master
This commit is contained in:
commit
0921fdf633
5
changes/bug40017
Normal file
5
changes/bug40017
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
o Minor features (protocol, proxy support, defense in depth):
|
||||||
|
- Respond more deliberately to misbehaving proxies that leave leftover
|
||||||
|
data on their connections, so as to be even less likely as to allow
|
||||||
|
them to pass their data off as having come from a relay.
|
||||||
|
Closes ticket 40017.
|
@ -566,11 +566,6 @@ connection_or_reached_eof(or_connection_t *conn)
|
|||||||
int
|
int
|
||||||
connection_or_process_inbuf(or_connection_t *conn)
|
connection_or_process_inbuf(or_connection_t *conn)
|
||||||
{
|
{
|
||||||
/** Don't let the inbuf of a nonopen OR connection grow beyond this many
|
|
||||||
* bytes: it's either a broken client, a non-Tor client, or a DOS
|
|
||||||
* attempt. */
|
|
||||||
#define MAX_OR_INBUF_WHEN_NONOPEN 0
|
|
||||||
|
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
tor_assert(conn);
|
tor_assert(conn);
|
||||||
|
|
||||||
@ -581,6 +576,15 @@ connection_or_process_inbuf(or_connection_t *conn)
|
|||||||
/* start TLS after handshake completion, or deal with error */
|
/* start TLS after handshake completion, or deal with error */
|
||||||
if (ret == 1) {
|
if (ret == 1) {
|
||||||
tor_assert(TO_CONN(conn)->proxy_state == PROXY_CONNECTED);
|
tor_assert(TO_CONN(conn)->proxy_state == PROXY_CONNECTED);
|
||||||
|
if (buf_datalen(conn->base_.inbuf) != 0) {
|
||||||
|
log_fn(LOG_PROTOCOL_WARN, LD_NET, "Found leftover (%d bytes) "
|
||||||
|
"when transitioning from PROXY_HANDSHAKING state on %s: "
|
||||||
|
"closing.",
|
||||||
|
(int)buf_datalen(conn->base_.inbuf),
|
||||||
|
connection_describe(TO_CONN(conn)));
|
||||||
|
connection_or_close_for_error(conn, 0);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
if (connection_tls_start_handshake(conn, 0) < 0)
|
if (connection_tls_start_handshake(conn, 0) < 0)
|
||||||
ret = -1;
|
ret = -1;
|
||||||
/* Touch the channel's active timestamp if there is one */
|
/* Touch the channel's active timestamp if there is one */
|
||||||
@ -601,14 +605,12 @@ connection_or_process_inbuf(or_connection_t *conn)
|
|||||||
break; /* don't do anything */
|
break; /* don't do anything */
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This check was necessary with 0.2.2, when the TLS_SERVER_RENEGOTIATING
|
/* This check makes sure that we don't have any data on the inbuf if we're
|
||||||
* check would otherwise just let data accumulate. It serves no purpose
|
* doing our TLS handshake: if we did, they were probably put there by a
|
||||||
* in 0.2.3.
|
* SOCKS proxy trying to trick us into accepting unauthenticated data.
|
||||||
*
|
*/
|
||||||
* XXXX Remove this check once we verify that the above paragraph is
|
if (buf_datalen(conn->base_.inbuf) != 0) {
|
||||||
* 100% true. */
|
log_fn(LOG_PROTOCOL_WARN, LD_NET, "Accumulated data (%d bytes) "
|
||||||
if (buf_datalen(conn->base_.inbuf) > MAX_OR_INBUF_WHEN_NONOPEN) {
|
|
||||||
log_fn(LOG_PROTOCOL_WARN, LD_NET, "Accumulated too much data (%d bytes) "
|
|
||||||
"on non-open %s; closing.",
|
"on non-open %s; closing.",
|
||||||
(int)buf_datalen(conn->base_.inbuf),
|
(int)buf_datalen(conn->base_.inbuf),
|
||||||
connection_describe(TO_CONN(conn)));
|
connection_describe(TO_CONN(conn)));
|
||||||
|
Loading…
Reference in New Issue
Block a user