[tor-bugs] #24509 [Core Tor/Tor]: circuit_can_use_tap() should only allow TAP for v2 onion services

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 4 00:52:54 UTC 2017


#24509: circuit_can_use_tap() should only allow TAP for v2 onion services
-------------------------+-------------------------------------------------
     Reporter:  teor     |      Owner:  (none)
         Type:  defect   |     Status:  new
     Priority:  Medium   |  Milestone:  Tor: 0.3.3.x-final
    Component:  Core     |    Version:  Tor: 0.3.2.1-alpha
                Tor/Tor  |   Keywords:  prop224, tor-hs, security-low,
     Severity:  Normal   |              easy, intro
Actual Points:           |  Parent ID:
       Points:  0.5      |   Reviewer:
      Sponsor:           |
-------------------------+-------------------------------------------------
 circuit_can_use_tap() checks the circuit purpose to make sure that it's an
 onion service circuit. But it should also check that the circuit is for a
 v2 onion service before allowing TAP.

 There should be a field in the circuit or extend_info that we can use for
 this.

 This is security-low, because it's a defence in depth mechanism that
 doesn't provide as much defence as we thought.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24509>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
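
A simplified model of the check this ticket discusses, as an added example that is not Tor's source code and not part of the original message. The type, field and function names are hypothetical, and the per-hop TAP-key condition is an assumption of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified model: every name here is hypothetical, not a Tor definition. */
typedef enum { PURPOSE_GENERAL, PURPOSE_HS_INTRO, PURPOSE_HS_REND } purpose_t;

typedef struct {
  purpose_t purpose;     /* what the circuit is for */
  int hs_version;        /* 0 = not an onion service circuit, else 2 or 3 */
  bool hop_supports_tap; /* assumption: first hop's extend info has a TAP key */
} circ_model_t;

/* Behaviour the ticket describes: only the circuit purpose gates TAP. */
bool can_use_tap_purpose_only(const circ_model_t *c) {
  bool hs = c->purpose == PURPOSE_HS_INTRO || c->purpose == PURPOSE_HS_REND;
  return hs && c->hop_supports_tap;
}

/* Behaviour the ticket asks for: the circuit must also be for a v2 service. */
bool can_use_tap_v2_only(const circ_model_t *c) {
  return can_use_tap_purpose_only(c) && c->hs_version == 2;
}

/* Constructed sample circuits, not taken from any real Tor instance. */
static const circ_model_t SAMPLES[] = {
  { PURPOSE_GENERAL,  0, true  }, /* not an onion service circuit */
  { PURPOSE_HS_INTRO, 2, true  }, /* v2 intro: TAP is expected here */
  { PURPOSE_HS_REND,  2, false }, /* v2 rend, hop has no TAP key */
  { PURPOSE_HS_INTRO, 3, true  }, /* v3 intro: should never use TAP */
  { PURPOSE_HS_REND,  3, true  }, /* v3 rend: should never use TAP */
};
#define N_SAMPLES (sizeof(SAMPLES) / sizeof(SAMPLES[0]))

/* Count circuits the purpose-only check lets through but the v2 check refuses. */
size_t count_tap_allowed_only_by_purpose_check(void) {
  size_t n = 0;
  for (size_t i = 0; i < N_SAMPLES; i++)
    if (can_use_tap_purpose_only(&SAMPLES[i]) && !can_use_tap_v2_only(&SAMPLES[i]))
      n++;
  return n;
}

int main(void) {
  printf("gap: %zu circuits\n", count_tap_allowed_only_by_purpose_check());
  return 0;
}
```

The two v3 rows are the gap: they pass the purpose check even though they are not v2 onion service circuits.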

