Fix a comment that misunderstood is_canonical

is_canonical doesn't mean "am I connected to the one true address of this relay"; it means "does this relay tell me that the address I'm connected to belong to it." The point is to prevent TCP-based MITM, not to prevent the relay from multi-homing. Related to 22890.
2025-02-25 07:07:52 +01:00 · 2017-09-20 09:38:50 -04:00 · 2017-09-20 09:38:50 -04:00 · 427ae164f3
commit 427ae164f3
parent 9e0587f806
1 changed files with 5 additions and 6 deletions
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@ -1793,12 +1793,11 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
      return;
    }
    /* A relay can connect from anywhere and be canonical, so
-     * long as it tells you from where it came. This may be a bit
-     * concerning.. Luckily we have another check in
-     * channel_tls_matches_target_method() to ensure that extends
-     * only go to the IP they ask for.
-     *
-     * XXX: Bleh. That check is not used if the connection is canonical.
+     * long as it tells you from where it came. This may sound a bit
+     * concerning... but that's what "canonical" means: that the
+     * address is one that the relay itself has claimed.  The relay
+     * might be doing something funny, but nobody else is doing a MITM
+     * on the relay's TCP.
     */
    if (tor_addr_eq(&addr, &(chan->conn->real_addr))) {
      connection_or_set_canonical(chan->conn, 1);