[tor-bugs] #10777 [Tor]: Remotely triggerable circuit destruction by path bias code

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 11 10:53:50 UTC 2014


#10777: Remotely triggerable circuit destruction by path bias code
-----------------------------+-----------------------------------
     Reporter:  cypherpunks  |      Owner:
         Type:  defect       |     Status:  needs_review
     Priority:  major        |  Milestone:  Tor: 0.2.4.x-final
    Component:  Tor          |    Version:
   Resolution:               |   Keywords:  tor-client regression
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-----------------------------------

Comment (by cypherpunks):

 >We only return INTERNAL if the decryption itself fails, not for
 unrecognized. Still digging for other cases...
 All working end stream reasons can be sent only after success relay cell
 decryption. Exit or AP can't to send relay_end if digest or 'recognized'
 field was wrong. Any STREAM END reason, including
 END_STREAM_REASON_INTERNAL and END_STREAM_REASON_DESTROY. Exit sends end
 stream (it's not circuit!) only if plain text was invalid for some
 reasons.

 If you believe tagging attack can be undetectable by honest exit node
 during digest checking, why do you think checking end stream reason have
 any sense?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10777#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list