#24902: Denial of Service mitigation subsystem -------------------------------------------------+------------------------- Reporter: dgoulet | Owner: dgoulet Type: enhancement | Status: | needs_review Priority: Very High | Milestone: Tor: | 0.3.3.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: ddos, tor-relay, review-group-30, | Actual Points: 029-backport, 031-backport, 032-backport, | review-group-31 | Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by arma): {{{ + if (dos_cc_get_defense_type(chan) == DOS_CC_DEFENSE_REFUSE_CELL) { + channel_send_destroy(cell->circ_id, chan, + END_CIRC_REASON_TORPROTOCOL); }}} Should we use END_CIRC_REASON_RESOURCELIMIT instead? I could see us using TORPROTOCOL but in that case we should add something to the tor specs describing what behavior is violating the protocol. For comparison, we use END_CIRC_REASON_RESOURCELIMIT right now when our create cell queue is too full so we're preemptively failing the circuit. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:43> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs