Skip to content

GitLab

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by Roger Dingledine@arma

If we wanted to authenticate but we don't like the auth challenge, we never send a netinfo cell

Once we fix #4367 (moved) it will be the case that a relay (initiator) who wants to authenticate, but gets a CELL_AUTH_CHALLENGE cell that it doesn't like (because it has no auth methods that the relay knows), ends up dropping the authenticate cell.

But then the initiator sends no netinfo cell.

The result is that the initiator thinks the connection is open (it drops the authenticate cell, but it already set conn->handshake_state->authenticated to 1 in command_process_cert_cell(), so when it receives the netinfo cell from the responder it will happily process it and end with connection_or_set_state_open()).

But the responder doesn't think the conn is open, since it's not gotten a netinfo cell.

The initiator will presumably then send another cell (e.g. a CREATE cell), since it initiated the connection for a reason. That cell will be silently dropped by the responder:

  if (handshaking && cell->command != CELL_VERSIONS &&
      cell->command != CELL_NETINFO) {
    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
           "Received unexpected cell command %d in state %s; ignoring it.",
           (int)cell->command,
           conn_state_to_string(CONN_TYPE_OR,conn->_base.state));
    return;
  }

leaving the initiator wondering why it's talking to a black hole. Fun!

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information