[tor-bugs] #7144 [Tor]: Implement Bridge Guards and other anti-enumeration defenses

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Dec 17 15:10:03 UTC 2015


#7144: Implement Bridge Guards and other anti-enumeration defenses
-------------------------------------------------+-------------------------
 Reporter:  karsten                              |          Owner:
     Type:  project                              |         Status:
 Priority:  High                                 |  needs_review
Component:  Tor                                  |      Milestone:  Tor:
 Severity:  Normal                               |  0.2.8.x-final
 Keywords:  SponsorZ, tor-bridge,                |        Version:
  027-triaged-1-out, TorCoreTeam201509,          |     Resolution:
  028-triage, 028-triaged                        |  Actual Points:
Parent ID:                                       |         Points:  medium
  Sponsor:                                       |
-------------------------------------------------+-------------------------

Comment (by nickm):

 Okay, now to review "e81acaf5f33e Implement Bridge Guards (prop188).".

 The big files are command.c and loose.c.  I'll review the others first.

 circuitmux.c:
    * I think that the changes here should make use of a CIRCUIT_HAS_CPATH
 macro rather than doing `origin || loose`; this logic is likely to be
 important elsewhere.

 onion.c:
    * What does the `+  // prop#188` comment mean?  More detail please.

 or.h:
    * 0x13371515, huh? :)  Fair enough.
    * p_chan_relay_cell is a little confusing. How do we know that they
 won't send *two* relay early cells, and what do we do if they do?  Also
 consider prop#249 ("Large create cells").
    * I think some of the tor_asserts() in the OR_TO_LOOSE_CIRCUIT_()
 functions need to check for LOOSE_CIRCUIT_MAGIC, not OR_CIRCUIT_MAGIC.
    * Did you grep for other uses of OR_CIRCUIT_MAGIC to see if they needed
 to change as well?

 relay.c:
    * I wonder whether there is really no shared code with
 circuit_receive_relay_cell and loose_circuit_process_relay_cell.  I guess
 I'll find out when I review loose.c.
    * What does the `+  // prop#188` comment mean?  More detail please.

 Okay, next step is the hard part. :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7144#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

