[tor-bugs] #13155 [Tor]: I can use an extend cell to remotely determine whether two relays have a connection open

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Sep 14 00:15:40 UTC 2014


#13155: I can use an extend cell to remotely determine whether two relays have a
connection open
------------------------+--------------------------
     Reporter:  arma    |      Owner:
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:  Tor: 0.2.???
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------

Comment (by arma):

 I wonder how thorough a fix it would be to check if it's an identity key
 and address we know from the consensus, and if so, use the canonical port
 instead of the one we found in the extend cell.

 I guess that situation would fail in the case where the relay had just
 changed its port but kept the same address, and whoever sent the extend
 cell knew it but we haven't noticed it yet. That situation is plausible,
 especially for relays who set e.g. 'orport auto'.

 Another option would be to avoid setting the is_canonical flag if the port
 we've been asked for isn't the one the directory tells us to expect, or or
 avoid using a canonical circuit if the port we used for that circuit
 doesn't match the port we've just been asked for. That might help some?
 Hm.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13155#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list