[tor-bugs] #25193 [Core Tor/Tor]: dos: Avoid blacklisting Exit relays

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 9 15:57:31 UTC 2018


#25193: dos: Avoid blacklisting Exit relays
------------------------------+--------------------------------------------------------------------------
     Reporter:  dgoulet       |      Owner:  dgoulet
         Type:  defect        |     Status:  assigned
     Priority:  Very High     |  Milestone:  Tor: 0.3.3.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  tor-dos, tor-relay, 029-backport, 031-backport, 032-backport
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------------------------------------------------------------
 It is possible to do "tor-in-tor" meaning a tor client connection can exit
 the network and come back at a Guard node.

 And if this happens to be detected by the DoS subsystem, we'll blacklist
 the Exit relay for a while. That is *NOT* good.

 Now that we have #25183, we can look up the inbound address to learn if we
 know it. And if we do, don't consider it a potential malicious client that
 we need to look at.

 That is one part of the solution, the second part is #2667 so we actually
 prevent reentry from Exit but that part won't be backported just yet (if
 ever).

 This work will be part of #24902 so once merge_ready, it will be merged
 into my branch `ticket24902_029_05`.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25193>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
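
An added illustration of the check this ticket describes (not Tor's code and not part of the ticket): a per-address connection counter that skips accounting when the inbound address belongs to a known relay, so an Exit carrying "tor-in-tor" traffic is never marked. All function names, the threshold and the addresses are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define MAX_TRACKED 64
#define MAX_CONNS 3 /* constructed threshold, not Tor's default */

/* Constructed stand-in for the set of relay addresses from the consensus. */
static const char *known_relays[] = { "198.51.100.7", "203.0.113.20" };

typedef struct { char addr[46]; unsigned conns; bool marked; } addr_stat_t;
static addr_stat_t stats[MAX_TRACKED];
static size_t n_stats;

static bool is_known_relay(const char *addr) {
  for (size_t i = 0; i < sizeof(known_relays) / sizeof(known_relays[0]); i++)
    if (strcmp(known_relays[i], addr) == 0) return true;
  return false;
}

/* Find the per-address entry, optionally creating it. NULL if absent/full. */
static addr_stat_t *get_stat(const char *addr, bool create) {
  for (size_t i = 0; i < n_stats; i++)
    if (strcmp(stats[i].addr, addr) == 0) return &stats[i];
  if (!create || n_stats == MAX_TRACKED || strlen(addr) >= sizeof(stats[0].addr))
    return NULL;
  strcpy(stats[n_stats].addr, addr);
  return &stats[n_stats++];
}

/* Account for a new inbound connection; true means the address is marked. */
bool dos_new_conn(const char *addr) {
  if (is_known_relay(addr)) return false; /* relays are never counted */
  addr_stat_t *s = get_stat(addr, true);
  if (!s) return false; /* untrackable: this sketch fails open */
  if (++s->conns > MAX_CONNS) s->marked = true;
  return s->marked;
}

/* Number of connections currently counted against an address. */
unsigned dos_tracked_conns(const char *addr) {
  addr_stat_t *s = get_stat(addr, false);
  return s ? s->conns : 0;
}
int main(void) {
  bool relay = false, client = false;
  for (int i = 0; i < 10; i++) relay = dos_new_conn("198.51.100.7");
  for (int i = 0; i < 10; i++) client = dos_new_conn("192.0.2.55");
  printf("exit relay marked=%d, unknown client marked=%d\n", relay, client);
  return 0;
}
```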

