[tor-bugs] #22688 [Core Tor/Tor]: Make sure HSDir3s never know service, client, or bridge IP addresses (was: HSDir3s should refuse direct client descriptor uploads and downloads, even if encrypted)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jun 21 23:02:02 UTC 2017


#22688: Make sure HSDir3s never know service, client, or bridge IP addresses
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.1.x-final
Component:  Core Tor/Tor                         |        Version:  Tor:
                                                 |  unspecified
 Severity:  Normal                               |     Resolution:
 Keywords:  prop224, relay-safety,               |  Actual Points:  0.3
  031-backport, maybe-030-backport-with-21406    |
Parent ID:                                       |         Points:  0.3
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):

 * status:  new => needs_review
 * keywords:  prop224, relay-safety, 031-backport, no-030-backport =>
     prop224, relay-safety, 031-backport, maybe-030-backport-with-21406
 * actualpoints:  0.2 => 0.3
 * points:  0.2 => 0.3


Comment:

 Please see my branch bug22688-031 on github.

 If we want to backport it to 0.3.0, we also need to backport the
 channel_is_client fix in #21406, which was merged in 0.3.1.1-alpha.

 This compiles, but I can't actually test this, so dgoulet or asn will need
 to check it against their working HSv3 service and client code.

 This breaks the direct descriptor downloads tor2web used to do in HSv2,
 see #20104. But we don't plan on tor2web in HSv3, so that's ok. (And if we
 do, this is something we should fix.)

 (This patch doesn't check if the circuit is from a relay; that check would
 be redundant.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22688#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

