encrypted peers' outgoing RC4 stream can be corrupted by sending protocol messages out-of-order

[charles]

Beginning back with the "performance patch" submitted by Aloisus via the forums, Transmission has made a practice of buffering up non-critical BitTorrent? protocol messages (such as `have' and periodic pex messages) and sending them in a batch to reduce socket-level packet overhead.

The bug is that these protocol messages are encrypted as they're written into the batch buffer. If that is done, and then we encrypt and send piece data before the protocol messages batch is flushed, then the order of the messages' encryption and transmission are reversed and the RC4 stream becomes corrupt.

Special thanks goes to denisx and especially merlyn3d for helping track down this bug.

[charles]

test fix committed to trunk in r7770

[charles]

As described in ​this forum post, Aloisus' performance patch was committed to svn in r6259, shortly after Transmission 1.22's release (r6191).

[charles]

The link in comment #4 is incorrect. The forum thread describing Aloisius' patch and when it went into svn is at ​http://forum.transmissionbt.com/viewtopic.php?f=2&t=5205&p=25339

[charles]

backported to the 1.5x branch in r7771