Send NETINFO on receiving a NETINFO if we have not yet sent one.

Relays previously, when initiating a connection, would only send a
NETINFO after sending an AUTHENTICATE.  But bridges, when receiving a
connection, would never send AUTH_CHALLENGE.  So relays wouldn't
AUTHENTICATE, and wouldn't NETINFO, and then bridges would be
surprised to be receiving CREATE cells on a non-open circuit.

Fixes bug 9546.

diff --git a/changes/bug9546 b/changes/bug9546
new file mode 100644 (file)
index 0000000..8596eac
--- /dev/null
+++ b/changes/bug9546
@@ -0,0 +1,5 @@
+  o Major bugfixes:
+
+    - When a relay is extending a circuit to a bridge, it needs to send a
+      NETINFO cell, even when the bridge hasn't sent an AUTH_CHALLENGE
+      cell. Fixes bug 9546; bugfix on ????.

diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index d758d22d820322c948ef1d5ad91a6644a81ed9e5..a7953e7a8a27a12a647ecca4e0374b68cc3a6d02 100644 (file)
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -1474,6 +1474,16 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
   /* XXX maybe act on my_apparent_addr, if the source is sufficiently
    * trustworthy. */
 
+  if (! chan->conn->handshake_state->sent_netinfo) {
+    /* If we were prepared to authenticate, but we never got an AUTH_CHALLENGE
+     * cell, then we would not previously have sent a NETINFO cell. Do so
+     * now. */
+    if (connection_or_send_netinfo(chan->conn) < 0) {
+      connection_or_close_for_error(chan->conn, 0);
+      return;
+    }
+  }
+
   if (connection_or_set_state_open(chan->conn) < 0) {
     log_fn(LOG_PROTOCOL_WARN, LD_OR,
            "Got good NETINFO cell from %s:%d; but "

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 361636350519c67e1afc835b94fb77cd1751f1bd..31cc9c78d8aacddfffaf63b66948b6563352dd55 100644 (file)
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -2042,6 +2042,12 @@ connection_or_send_netinfo(or_connection_t *conn)
 
   tor_assert(conn->handshake_state);
 
+  if (conn->handshake_state->sent_netinfo) {
+    log_warn(LD_BUG, "Attempted to send an extra netinfo cell on a connection "
+             "where we already sent one.");
+    return 0;
+  }
+
   memset(&cell, 0, sizeof(cell_t));
   cell.command = CELL_NETINFO;
 
@@ -2083,6 +2089,7 @@ connection_or_send_netinfo(or_connection_t *conn)
   }
 
   conn->handshake_state->digest_sent_data = 0;
+  conn->handshake_state->sent_netinfo = 1;
   connection_or_write_cell_to_buf(&cell, conn);
 
   return 0;

diff --git a/src/or/or.h b/src/or/or.h
index 3dc96b9a9d7cc8c7766886c8c1c5874955564e8f..8c6c1e3635bd03cd3c5004d8b4aa3be593dc488a 100644 (file)
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1357,6 +1357,9 @@ typedef struct or_handshake_state_t {
   /* True iff we've received valid authentication to some identity. */
   unsigned int authenticated : 1;
 
+  /* True iff we have sent a netinfo cell */
+  unsigned int sent_netinfo : 1;
+
   /** True iff we should feed outgoing cells into digest_sent and
    * digest_received respectively.
    *