[tor-bugs] #17605 [Core Tor/Tor]: Tell caches to remove X-Your-Address-Is from Tor Directory documents
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 12 00:50:48 UTC 2017
#17605: Tell caches to remove X-Your-Address-Is from Tor Directory documents
-------------------------------------------------+-------------------------
Reporter: teor | Owner: jryans
Type: defect | Status:
| needs_review
Priority: High | Milestone: Tor:
| 0.3.0.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-auth, isaremoved, | Actual Points:
tor-03-unspecified-201612, review-group-14 |
Parent ID: | Points: 2
Reviewer: nickm | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:19 nickm]:
> This patch looks correct to me: it removes support for giving or taking
the X-Your-Address-Is hint, and replaces it with looking at the netinfo
hint instead.
>
> I have two questions about this patch -- arma or teor, could you give
some feedback?
>
> * Should it ignore IPv6 addresses, because we can't publish them as a
relay's primary address? (I think "yes".)
At some point, we would like relays to be able to learn their IPv6
addresses (#5940). But since this is a new feature, with its own ticket,
there's no need to implement it in this ticket.
> * Should it continue to give the X-Your-Address-Is answer for now, in
case some relays actually need it? (Here I'm not sure.)
Yes, but only over an encrypted begindir connection.
Or, we can cut out all the X-Your-Address-Is code, and just rely on
NETINFO cells.
Here's what I'd like to do:
A) directory caches only send X-Your-Address-Is on begindir connections
- modify `if (!is_local_addr(&conn->base_.addr)) {` in
write_http_response_header_impl() to check for begindir connections
B) relays only believe X-Your-Address-Is from begindir connections
- modify `if (conn->dirconn_direct) {` in
connection_dir_client_reached_eof() to check for begindir connections
C) relays which don't know their own IP address make a begindir connection
to an authority to discover that IP address
- modify `if (!directory_must_use_begindir(options)) {` in
directory_command_should_use_begindir() to also check if we know our own
address using `router_pick_published_address(options, &addr, 1) == 0`
What will likely happen is:
* the relay initiates a begindir connection and receives its own IP
address in the NETINFO cell
If this fails, then:
* the relay believes the X-Your-IP-Address-Is header on the encrypted
begindir request
We can't just implement A) as a transitional measure for older relays
talking to newer caches, because those older relays will never make
begindir connections - in directory_command_should_use_begindir(), relays
never make begindir connections (well, until #20711, and then only in the
case when the mirror only has an ORPort).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17605#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list