[tor-bugs] #24902 [Core Tor/Tor]: Denial of Service mitigation subsystem
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jan 29 08:26:25 UTC 2018
#24902: Denial of Service mitigation subsystem
-------------------------------------------------+-------------------------
Reporter: dgoulet | Owner: dgoulet
Type: enhancement | Status:
| needs_review
Priority: Very High | Milestone: Tor:
| 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: ddos, tor-relay, review-group-30, | Actual Points:
029-backport, 031-backport, 032-backport, |
review-group-31 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by arma):
{{{
+ if (dos_cc_get_defense_type(chan) == DOS_CC_DEFENSE_REFUSE_CELL) {
+ channel_send_destroy(cell->circ_id, chan,
+ END_CIRC_REASON_TORPROTOCOL);
}}}
Should we use END_CIRC_REASON_RESOURCELIMIT instead?
I could see us using TORPROTOCOL but in that case we should add something
to the tor specs describing what behavior is violating the protocol.
For comparison, we use END_CIRC_REASON_RESOURCELIMIT right now when our
create cell queue is too full so we're preemptively failing the circuit.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:43>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list