[tor-bugs] #18483 [Core Tor/Tor]: Clients should always tunnel connections, and never fall back to a DirPort (was: Clients should always tunnel connections, even if FetchDirInfoExtraEarly is set)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 26 01:31:47 UTC 2016
#18483: Clients should always tunnel connections, and never fall back to a DirPort
------------------------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: must-fix-before-028-rc | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: None
------------------------------------+------------------------------------
Changes (by teor):
* status: needs_information => new
Comment:
When a Tor client selects a directory mirror with an ORPort it can't
reach, it uses the DirPort. Instead, clients should only select relays
with ORPorts they can reach, and should never use DirPorts.
Clients (and onion services, and bridges(?)) should never use the
following dir_indirection_t:
* DIRIND_DIRECT_CONN
* DIRIND_ANON_DIRPORT
We should modify the meaning of DIRIND_ONEHOP so tor only falls back when
it is in public_server_mode():
Default: connect over a one-hop Tor circuit. Only fall back to direct
connection if you are a relay or authority.
Is this too big a change to make just before the 0.2.8 release?
I'm concerned because we need it to make #18809 simpler, and that's a fix
on a feature that's in 0.2.8.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18483#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list