[tor-bugs] #4581 [Tor Directory Authority]: Dir auths should defend themselves from too many begindir requests per address
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Nov 25 22:49:56 UTC 2011
#4581: Dir auths should defend themselves from too many begindir requests per
address
-------------------------------------+--------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Directory Authority | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
#4580 would not have been so bad if we'd had a "you already sent me 5
begindir cells and I haven't even learned what you wanted to request on
them yet. I am going to refuse the sixth one." feature.
Alas, the bug causes us to make requests over time, and that will cause us
to have multiple OR conns open, so the defense cannot simply be "look at
how many other streams we have open on this circuit". I guess some sort of
map from IP address to count would do it?
I put this as an 0.2.2 milestone, but if the patch is complex I'll
probably not be excited about backporting it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4581>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list