[tor-bugs] #17945 [Core Tor/Tor]: Stop Tor2Web connecting to (Rendezvous) Single Onion Services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Feb 26 17:30:37 UTC 2018
#17945: Stop Tor2Web connecting to (Rendezvous) Single Onion Services
-------------------------------------------------+-------------------------
Reporter: teor | Owner: dgoulet
Type: enhancement | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor2web, tor-hs, 029-proposed, 029-teor-no, needs-design, needs-proposal-maybe, single-onion, review-group-33 | Actual Points: 0.4
Parent ID: #24962 | Points: 5
Reviewer: asn, teor | Sponsor:
-------------------------------------------------+-------------------------
Comment (by asn):
Replying to [comment:48 teor]:
> Also, can we do the whole HS protocol at once:
> * intro point v2 and v3: close the HS INTRODUCE side if both sides are directly connected (#22689)
> * HS v2: refuse descriptor uploads if the service is directly connected (#22688)
> * we can't refuse direct descriptor downloads, because Tor2web uses them
> * HSv3: refuse descriptor uploads and downloads if the client or service are directly connected (#22688)
>

Hmmm. Kinda naughty to dump all this so late in the process. I don't think
this can be 033 material, but perhaps we could consider it for 034. I
liked dgoulet's patch because it was super simple and did the thing, but
this new patchset is too complicated IMO.

Particularly commit `10290066c8` and `connection_dir_is_anonymous()` is
way more complicated than anything I would hope to see in this ticket.
It's untestable, requires super deep knowledge of Tor's internals and is
called by multiple dir entry points...

My suggestion is to go with something simple for now (maybe dgoulet's
branch or nothing at all) if we want to go for 033, and then in Rome we
should try to think hard of how exactly we want to treat and support 1-hop
clients/services, and design the appropriate patchsets with calm.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17945#comment:51>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online