[tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address

[Tor Bug Tracker & Wiki]

#17782: Relays may publish descriptors with incorrect IP address
--------------------+------------------------------------
 Reporter:  fk      |          Owner:
     Type:  defect  |         Status:  new
 Priority:  High    |      Milestone:  Tor: 0.2.7.x-final
Component:  Tor     |        Version:  Tor: unspecified
 Severity:  Major   |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------
Changes (by teor):

 * version:  Tor: 0.2.7.4-rc => Tor: unspecified


Comment:

 This issue was a known issue when it was introduced in 0.1.2.1-alpha in
 commit 9db7b2c0687a3ee28e96e0c0db6c2a3e7ef4c626 / svn:r6774 on 17 July
 2006:

 "Allow servers with no hostname or IP address to learn their IP address
 by asking the directory authorities. This code only kicks in when you
 would normally have exited with a "no address" error.

 This design is flawed, though, since the X-Your-Address-Is header is not
 authenticated, and doing it this way introduces too many new attacks. The
 right answer is to give IP address hints inside the HELLO cell; much of
 this code can be reused when we switch."

 The commit message doesn't describe the attack above, where the directory
 mirror deliberately lies. This may be due to the fact that only
 authorities were giving this information out in 2006, and they are semi-
 trusted.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17782#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online