[tor-bugs] #8215 [Tor]: Simple Relay: random unknown UDP port in listen mode

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Mar 1 18:23:42 UTC 2014


#8215: Simple Relay: random unknown UDP port in listen mode
-----------------------------+------------------------------
     Reporter:  elgo         |      Owner:
         Type:  enhancement  |     Status:  reopened
     Priority:  normal       |  Milestone:  Tor: unspecified
    Component:  Tor          |    Version:
   Resolution:               |   Keywords:  tor-relay dns
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+------------------------------

Comment (by nickm):

 Replying to [comment:11 arma]:
  [...]

 > >  - Why does a Tor relay need to do DNS lookups at all?
 >
 > If a Tor client wants to visit cnn.com, she can't very well do the dns
 > resolve herself -- otherwise anybody watching her network would know where
 > she will soon anonymously go. So she sends "cnn.com" to the exit relay,
 > which resolves it and connects.

 Cypherpunks might be asking "why does a [non-exit] relay need to do DNS
 lookups".  The answer is that they don't need to do DNS lookups for users
 at all -- and they refuse any requests that users make.  The only lookups
 that were still happening were self-testing lookups, which we just fixed
 with the patch to bug #965.

 I wonder if the #965 fix (which will go into 0.2.5.3-alpha) is sufficient
 to make us stop opening the UDP ports entirely.  If not, another fix is in
 order.

 > >  - If Tor actually needs to do its own DNS lookups, shouldn't it be
 > > using a randomized source port for every query? (Otherwise it is
 > > relatively trivial to send it spoofed answers, no?)
 >
 > I hope it does. Please check.

 I don't think we do; we use a hypervigilant version of the 0x20 trick
 instead.  (We randomize case in outgoing requests, and treat a reply with
 correct port and trans_id but mismatched case as indicating an error, and
 cancel the request.)

 I tried getting the randomized source port trick to work once, but the
 usual way of doing it would run exit nodes out of sockets pretty fast on
 hosts like OSX that are slow to release ports.

 I'd be glad to take a patch for evdns in libevent, if we can limit the
 number of sockets to something less than "an unbounded number".

 > >  - Is it bad that my Tor relay where I just noticed this port (leading
 > > me to find this ticket) can only make TCP connections? It seems to be
 > > relaying traffic nonetheless, but now I'm worried perhaps I'm failing
 > > circuits to relays which only have DNS names in their descriptors? (Do
 > > such relays exist?)
 >
 > If you're a non-exit relay, it's ok because typically clients will never
 > ask you to do dns resolves for them. If you're an exit relay, yes it's
 > bad.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8215#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
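
An added illustration of the 0x20 check nickm describes above (example code written here, not Tor's or libevent's evdns): the query name's letter case is randomized from caller-supplied random bits, and a reply whose port and transaction id match but whose echoed name differs only in case is rejected so the request can be cancelled. The struct, enum and function names are assumptions for the example, and the question section is reduced to a single name string.

```c
#include <ctype.h>
#include <stdint.h>
#include <string.h>

struct dns_query {            /* hypothetical: just the fields the check needs */
    uint16_t src_port;        /* UDP source port the query left on */
    uint16_t trans_id;        /* 16-bit DNS transaction id */
    char     qname[256];      /* question name, as sent or as echoed back */
};

/* Hypothetical verdicts: a stray datagram is dropped and we keep waiting; a
 * name matching in all but case is the 0x20 signal and cancels the request. */
enum reply_verdict { REPLY_ACCEPT, REPLY_NOT_OURS, REPLY_CASE_MISMATCH, REPLY_WRONG_NAME };

/* Set each ASCII letter of `name` upper or lower case from the matching bit
 * of `bits` (bit i drives letter i; letters past 64 are left alone).  Pass
 * fresh CSPRNG output.  Returns the letter count, i.e. how many extra bits
 * a forged answer must now also guess beyond port and transaction id. */
size_t dns0x20_encode(char *name, uint64_t bits)
{
    size_t letters = 0;
    for (char *p = name; *p; p++) {
        if (!isalpha((unsigned char)*p))
            continue;
        if (letters < 64)
            *p = (char)(((bits >> letters) & 1) ? toupper((unsigned char)*p)
                                                 : tolower((unsigned char)*p));
        letters++;
    }
    return letters;
}

/* Port and id first, then an exact (case-sensitive) name match.  If only a
 * case-insensitive match holds, the sender guessed port and id but not the
 * case pattern, so the lookup is abandoned rather than trusted. */
enum reply_verdict dns0x20_check_reply(const struct dns_query *sent,
                                       const struct dns_query *reply)
{
    if (sent->src_port != reply->src_port || sent->trans_id != reply->trans_id)
        return REPLY_NOT_OURS;
    if (strcmp(sent->qname, reply->qname) == 0)
        return REPLY_ACCEPT;
    for (size_t i = 0; ; i++) {
        if (tolower((unsigned char)sent->qname[i]) !=
            tolower((unsigned char)reply->qname[i]))
            return REPLY_WRONG_NAME;
        if (sent->qname[i] == '\0')
            return REPLY_CASE_MISMATCH;
    }
}
```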

