[tor-bugs] #4371 [Tor Client]: We close a connection to a relay whose time is more than an hour in the future

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Nov 1 09:30:07 UTC 2011


#4371: We close a connection to a relay whose time is more than an hour in the
future
------------------------+---------------------------------------------------
 Reporter:  arma        |          Owner:                    
     Type:  defect      |         Status:  new               
 Priority:  major       |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Client  |        Version:                    
 Keywords:              |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------
 #4370 is about warnings about scary times. Those are worrying to users but
 not actually harmful. The real problem is that we declare the cert invalid
 and close the connection if the relay we're talking to is 61 minutes in
 the future. That's new (and much too strict) behavior.

 The previous behavior was to not care about the clock the other guy claims
 to have, so long as he talks the Tor protocol. Things will likely go
 poorly if he's more than a week or two out of date (e.g. since somebody's
 onion key will probably be wrong now), but that's no reason to give up
 without trying.

 In fact, I think log_cert_lifetime() and tor_tls_check_lifetime() are in
 0.2.2.x but never called?

 So what do we give up by not checking the time on certs in 0.2.3.x either?
 The cert is valid for a whole year, so I'm not sure what attacks we
 resolve by being this precise. (If we still want to check if it's *past*
 the one year mark, I wouldn't object.)

 Pointed out by "bastik_tor".

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4371>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
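
The ticket's argument in miniature, as an added example (not Tor's code; every name below is hypothetical, and it assumes a relay stamps its cert's notBefore from its own clock when it mints the cert). It is a validity-window check with separate past and future tolerances, comparing a one-hour future bound against checking only the one-year expiry.

```c
#include <stdint.h>

/* Added illustration, not Tor source; all names are hypothetical. */
typedef enum { CERT_OK = 0, CERT_NOT_YET_VALID, CERT_EXPIRED } cert_status;
typedef struct { int64_t not_before, not_after; } cert_window; /* epoch secs */

#define NO_CHECK (-1)            /* tolerance value: skip that bound */
#define ONE_HOUR 3600
#define ONE_YEAR (365 * 86400LL)

/* Compare a certificate's validity window to the local clock.
 * future_tol: how far not_before may lie ahead of `now`.
 * past_tol:   how far not_after may lie behind `now`.
 * Either may be NO_CHECK to ignore that side entirely. */
cert_status check_cert_window(const cert_window *c, int64_t now,
                              int64_t past_tol, int64_t future_tol)
{
  if (future_tol != NO_CHECK && c->not_before > now + future_tol)
    return CERT_NOT_YET_VALID;
  if (past_tol != NO_CHECK && c->not_after < now - past_tol)
    return CERT_EXPIRED;
  return CERT_OK;
}

/* Constructed input: a cert the peer minted `age` seconds ago by its own
 * clock, which runs `skew` seconds ahead of ours (negative = behind).
 * Assumption: not_before is the peer's clock reading at minting time. */
cert_window peer_cert(int64_t our_now, int64_t skew, int64_t age)
{
  cert_window c;
  c.not_before = our_now + skew - age;
  c.not_after = c.not_before + ONE_YEAR;
  return c;
}

/* One-hour future bound, as the ticket describes; the zero past
 * tolerance is an assumption of this sketch. */
cert_status strict_policy(const cert_window *c, int64_t now)
{
  return check_cert_window(c, now, 0, ONE_HOUR);
}

/* What the ticket would accept: only reject past the one-year mark. */
cert_status expiry_only_policy(const cert_window *c, int64_t now)
{
  return check_cert_window(c, now, 0, NO_CHECK);
}
```
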

