tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 7fd3979b8a2dc4e8abf15e5e0cd6bba12e9f5e49
parent 9182d077f2c2271363ffcd9b51d43ad48fba69d0
Author: Nick Mathewson <nickm@torproject.org>
Date:   Thu, 20 Nov 2025 12:13:48 -0500

Do not let END_STREAM_REASON_ENTRYPOLICY have a value < 256.

It isn't in the spec, and so should not be recognized in an END message.

Closes #41171.  Bugfix on 0.2.0.8-alpha.

Diffstat:

Achanges/bug41171 | 5+++++


Msrc/core/or/or.h | 6+++++-


2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/changes/bug41171 b/changes/bug41171
@@ -0,0 +1,5 @@
+  o Minor bugfixes (spec conformance):
+    - Do not treat "15" as a recognized remote END reason code.
+      Formerly, we treated it as synonymous with a local ENTRYPOLICY,
+      which isn't a valid remote code at all.
+      Fixes bug 41171; bugfix on 0.2.0.8-alpha.
diff --git a/src/core/or/or.h b/src/core/or/or.h
@@ -297,7 +297,6 @@ is_known_relay_command(const uint8_t cmd)
 #define END_STREAM_REASON_CONNRESET 12
 #define END_STREAM_REASON_TORPROTOCOL 13
 #define END_STREAM_REASON_NOTDIRECTORY 14
-#define END_STREAM_REASON_ENTRYPOLICY 15
 
 /* These high-numbered end reasons are not part of the official spec,
  * and are not intended to be put in relay end cells. They are here
@@ -326,6 +325,11 @@ is_known_relay_command(const uint8_t cmd)
  * way we can't handle.
  */
 #define END_STREAM_REASON_HTTPPROTOCOL 263
+/**
+ * The user has asked us to do something that we reject
+ * (Like connecting to a plaintext port, or violating OnionTrafficOnly.)
+ **/
+#define END_STREAM_REASON_ENTRYPOLICY 264
 
 /** Bitwise-and this value with endreason to mask out all flags. */
 #define END_STREAM_REASON_MASK 511