commit d502b269d05beb0d575eea1d79d3ce4c5e71f4fd
parent 9182d077f2c2271363ffcd9b51d43ad48fba69d0
Author: David Goulet <dgoulet@torproject.org>
Date: Mon, 24 Nov 2025 15:26:15 +0000
Merge branch 'entrypolicy_reason' into 'main'
Do not let END_STREAM_REASON_ENTRYPOLICY have a value < 256.
Closes #41171
See merge request tpo/core/tor!957
Diffstat:
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/changes/bug41171 b/changes/bug41171
@@ -0,0 +1,5 @@
+ o Minor bugfixes (spec conformance):
+ - Do not treat "15" as a recognized remote END reason code.
+ Formerly, we treated it as synonymous with a local ENTRYPOLICY,
+ which isn't a valid remote code at all.
+ Fixes bug 41171; bugfix on 0.2.0.8-alpha.
diff --git a/src/core/or/or.h b/src/core/or/or.h
@@ -297,7 +297,6 @@ is_known_relay_command(const uint8_t cmd)
#define END_STREAM_REASON_CONNRESET 12
#define END_STREAM_REASON_TORPROTOCOL 13
#define END_STREAM_REASON_NOTDIRECTORY 14
-#define END_STREAM_REASON_ENTRYPOLICY 15
/* These high-numbered end reasons are not part of the official spec,
* and are not intended to be put in relay end cells. They are here
@@ -326,6 +325,11 @@ is_known_relay_command(const uint8_t cmd)
* way we can't handle.
*/
#define END_STREAM_REASON_HTTPPROTOCOL 263
+/**
+ * The user has asked us to do something that we reject
+ * (Like connecting to a plaintext port, or violating OnionTrafficOnly.)
+ **/
+#define END_STREAM_REASON_ENTRYPOLICY 264
/** Bitwise-and this value with endreason to mask out all flags. */
#define END_STREAM_REASON_MASK 511
