Ignore regular cells in padding circuits.

Padding circuits were regular cells that got closed before their padding
machine could finish. This means that they can still receive regular cells from
their past life, but they have no way or reason to answer them anymore. Hence
let's ignore them before they even get to the proper subsystems.

diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt
index 642ae467f1961ac8d2ef0b57aa00ad623456c498..d437726fe8126c7e89898f221820b692f40cbdda 100644 (file)
--- a/scripts/maint/practracker/exceptions.txt
+++ b/scripts/maint/practracker/exceptions.txt
@@ -84,7 +84,7 @@ problem function-size /src/core/or/circuitlist.c:circuit_about_to_free() 120
 problem function-size /src/core/or/circuitlist.c:circuits_handle_oom() 117
 problem function-size /src/core/or/circuitmux.c:circuitmux_set_policy() 109
 problem function-size /src/core/or/circuitmux.c:circuitmux_attach_circuit() 113
-problem file-size /src/core/or/circuitpadding.c 3006
+problem file-size /src/core/or/circuitpadding.c 3043
 problem function-size /src/core/or/circuitpadding.c:circpad_machine_schedule_padding() 107
 problem function-size /src/core/or/circuitpadding_machines.c:circpad_machine_relay_hide_intro_circuits() 103
 problem function-size /src/core/or/circuitpadding_machines.c:circpad_machine_client_hide_rend_circuits() 112
@@ -117,12 +117,12 @@ problem function-size /src/core/or/connection_or.c:connection_or_compute_authent
 problem file-size /src/core/or/policies.c 3249
 problem function-size /src/core/or/policies.c:policy_summarize() 107
 problem function-size /src/core/or/protover.c:protover_all_supported() 117
-problem file-size /src/core/or/relay.c 3244
+problem file-size /src/core/or/relay.c 3263
 problem function-size /src/core/or/relay.c:circuit_receive_relay_cell() 126
 problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 109
 problem function-size /src/core/or/relay.c:connection_ap_process_end_not_open() 192
 problem function-size /src/core/or/relay.c:connection_edge_process_relay_cell_not_open() 137
-problem function-size /src/core/or/relay.c:connection_edge_process_relay_cell() 428
+problem function-size /src/core/or/relay.c:handle_relay_cell_command() 369
 problem function-size /src/core/or/relay.c:connection_edge_package_raw_inbuf() 128
 problem function-size /src/core/or/relay.c:circuit_resume_edge_reading_helper() 146
 problem function-size /src/core/or/scheduler_kist.c:kist_scheduler_run() 171

diff --git a/src/core/or/circuitpadding.c b/src/core/or/circuitpadding.c
index 460f72c17e480315831f634cbab4eb092144c75f..9ccad8744915d7ad9f58cec5d2d04bdf7a4d90b4 100644 (file)
--- a/src/core/or/circuitpadding.c
+++ b/src/core/or/circuitpadding.c
@@ -1791,6 +1791,43 @@ circpad_cell_event_nonpadding_sent(circuit_t *on_circ)
   } FOR_EACH_ACTIVE_CIRCUIT_MACHINE_END;
 }
 
+/** Check if this cell or circuit are related to circuit padding and handle
+ *  them if so.  Return 0 if the cell was handled in this subsystem and does
+ *  not need any other consideration, otherwise return 1.
+ */
+int
+circpad_check_received_cell(cell_t *cell, circuit_t *circ,
+                            crypt_path_t *layer_hint,
+                            const relay_header_t *rh)
+{
+  unsigned domain = layer_hint?LD_APP:LD_EXIT;
+
+  /* First handle the padding commands, since we want to ignore any other
+   * commands if this circuit is padding-specific. */
+  switch (rh->command) {
+    case RELAY_COMMAND_DROP:
+      /* Already examined in circpad_deliver_recognized_relay_cell_events */
+      return 0;
+    case RELAY_COMMAND_PADDING_NEGOTIATE:
+      circpad_handle_padding_negotiate(circ, cell);
+      return 0;
+    case RELAY_COMMAND_PADDING_NEGOTIATED:
+      if (circpad_handle_padding_negotiated(circ, cell, layer_hint) == 0)
+        circuit_read_valid_data(TO_ORIGIN_CIRCUIT(circ), rh->length);
+      return 0;
+  }
+
+  /* If this is a padding circuit we don't need to parse any other commands
+   * than the padding ones. Just drop them to the floor. */
+  if (circ->purpose == CIRCUIT_PURPOSE_C_CIRCUIT_PADDING) {
+    log_info(domain, "Ignored cell (%d) that arrived in padding circuit.",
+             rh->command);
+    return 0;
+  }
+
+  return 1;
+}
+
 /**
  * A "non-padding" cell has been received by this endpoint. React
  * according to any padding state machines on the circuit.

diff --git a/src/core/or/circuitpadding.h b/src/core/or/circuitpadding.h
index fc2e595c0a30066eecde2fd147455e8d1dfcf5eb..e9eb32c6189c1c3206e7332f1e4deea8dc35ecf5 100644 (file)
--- a/src/core/or/circuitpadding.h
+++ b/src/core/or/circuitpadding.h
@@ -734,6 +734,10 @@ bool circpad_padding_negotiated(struct circuit_t *circ,
 
 circpad_purpose_mask_t circpad_circ_purpose_to_mask(uint8_t circ_purpose);
 
+int circpad_check_received_cell(cell_t *cell, circuit_t *circ,
+                                crypt_path_t *layer_hint,
+                                const relay_header_t *rh);
+
 MOCK_DECL(circpad_decision_t,
 circpad_machine_schedule_padding,(circpad_machine_runtime_t *));
 

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 84fc5878710f675473c4fe2125e7153efffae163..3b5aa2b665019434e25136cb406090fe3253fa6b 100644 (file)
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1596,28 +1596,15 @@ handle_relay_command(cell_t *cell, circuit_t *circ,
 
   tor_assert(rh);
 
-  switch (rh->command) {
-    case RELAY_COMMAND_DROP:
-      /* Already examined in circpad_deliver_recognized_relay_cell_events */
-      return 0;
-    case RELAY_COMMAND_PADDING_NEGOTIATE:
-      circpad_handle_padding_negotiate(circ, cell);
-      return 0;
-    case RELAY_COMMAND_PADDING_NEGOTIATED:
-      if (circpad_handle_padding_negotiated(circ, cell, layer_hint) == 0)
-        circuit_read_valid_data(TO_ORIGIN_CIRCUIT(circ), rh->length);
-      return 0;
-  }
-
-  /* If this is a padding circuit we don't need to parse any other commands
-   * than the padding ones. Just drop them to the floor. */
-  if (circ->purpose == CIRCUIT_PURPOSE_C_CIRCUIT_PADDING) {
-    log_info(domain, "Ignored cell (%d) that arrived in padding circuit.",
-             rh.command);
+  /* First pass the cell to the circuit padding subsystem, in case it's a
+   * padding cell or circuit that should be handled there. */
+  if (circpad_check_received_cell(cell, circ, layer_hint, rh) == 0) {
+    log_debug(domain, "Cell handled as circuit padding");
     return 0;
   }
 
-  switch (rh.command) {
+  /* Now handle all the other commands */
+  switch (rh->command) {
     case RELAY_COMMAND_BEGIN:
     case RELAY_COMMAND_BEGIN_DIR:
       if (layer_hint &&