--- /dev/null
+ o Minor bugfixes:
+ - If a relay receives an AUTH_CHALLENGE it can't answer, it should
+ still send a NETINFO cell to allow the connection to become open.
+ Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty".
conn->handshake_state->received_auth_challenge = 1;
- if (use_type >= 0 && public_server_mode(get_options())) {
+ if (! public_server_mode(get_options())) {
+ /* If we're not a public server then we don't want to authenticate on a
+ connection we originated, and we already sent a NETINFO cell when we
+ got the CERTS cell. We have nothing more to do. */
+ return;
+ }
+
+ if (use_type >= 0) {
log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Sending "
"authentication",
safe_str(conn->_base.address), conn->_base.port);
connection_mark_for_close(TO_CONN(conn));
return;
}
- if (connection_or_send_netinfo(conn) < 0) {
- log_warn(LD_OR, "Couldn't send netinfo cell");
- connection_mark_for_close(TO_CONN(conn));
- return;
- }
} else {
- log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Not "
- "authenticating",
+ log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d, but we don't "
+ "know any of its authentication types. Not authenticating.",
safe_str(conn->_base.address), conn->_base.port);
}
+
+ if (connection_or_send_netinfo(conn) < 0) {
+ log_warn(LD_OR, "Couldn't send netinfo cell");
+ connection_mark_for_close(TO_CONN(conn));
+ return;
+ }
+
#undef ERR
}
projects / thirdparty / tor.git / commitdiff
