From: Andrea Shepard <andrea@torproject.org>
Date: Sat, 15 Jun 2013 09:16:00 +0000 (-0700)
Subject: Disable middle relay queue overfill detection code due to possible guard discovery... 
X-Git-Tag: tor-0.2.4.14-alpha~4^2~2^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2a95f3171681ee53c97ccba9d80f4454b462aaa7;p=thirdparty%2Ftor.git

Disable middle relay queue overfill detection code due to possible guard discovery attack
---

diff --git a/changes/bug9072 b/changes/bug9072
new file mode 100644
index 0000000000..e594a38335
--- /dev/null
+++ b/changes/bug9072
@@ -0,0 +1,3 @@
+  o Critical bugfixes:
+    - Disable middle relay queue overfill detection code due to possible
+      guard discovery attack, pending further analysis.  Fixes bug #9072.
diff --git a/src/or/relay.c b/src/or/relay.c
index 087459c5c0..fdb4bff709 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -2548,6 +2548,10 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn,
     streams_blocked = circ->streams_blocked_on_p_conn;
   }
 
+  /*
+   * Disabling this for now because of a possible guard discovery attack
+   */
+#if 0
   /* Are we a middle circuit about to exceed ORCIRC_MAX_MIDDLE_CELLS? */
   if ((circ->n_conn != NULL) && CIRCUIT_IS_ORCIRC(circ)) {
     orcirc = TO_OR_CIRCUIT(circ);
@@ -2566,6 +2570,7 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn,
       }
     }
   }
+#endif
 
   cell_queue_append_packed_copy(queue, cell);