Opened 12 years ago

Last modified 12 years ago

#1734 closed Bug

encrypted peers' outgoing RC4 stream can be corrupted by sending protocol messages out-of-order — at Version 2

Reported by: charles Owned by: charles
Priority: Normal Milestone: 1.50
Component: libtransmission Version: 1.42
Severity: Blocker Keywords:

Description (last modified by charles)

Beginning back with the "performance patch" submitted by Aloisus via the forums, Transmission has made a practice of buffering up non-critical BitTorrent? protocol messages (such as `have' and periodic pex messages) and sending them in a batch to reduce socket-level packet overhead.

The bug is that these protocol messages are encrypted as they're written into the batch buffer. If that is done, and then we encrypt and send piece data before the protocol messages batch is flushed, the order of the messages' encryption and the messages' transmission are reversed and the RC4 stream is corrupted.

Special thanks goes to denisx and especially merlyn3d for helping track down this bug.

Change History (2)

comment:1 Changed 12 years ago by charles

  • Owner set to charles
  • Status changed from new to assigned

test fix committed to trunk in r7770

comment:2 Changed 12 years ago by charles

  • Description modified (diff)
Note: See TracTickets for help on using tickets.