[tor-bugs] #26158 [Core Tor/Tor]: A little bug of circular path of Tor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 22 04:00:17 UTC 2018
#26158: A little bug of circular path of Tor
-------------------------------------------------+-------------------------
Reporter: TBD.Chen | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| 0.3.4.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.3.0.1-alpha
Severity: Normal | Resolution:
Keywords: circular-path, security-low, | Actual Points:
031-backport, 032-backport, 033-backport, |
034-backport |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):
* keywords: circular-path =>
circular-path, security-low, 031-backport, 032-backport, 033-backport,
034-backport
* version: Tor: 0.3.2.10 => Tor: 0.3.0.1-alpha
* milestone: Tor: 0.3.2.x-final => Tor: 0.3.4.x-final
Comment:
Thanks for reporting this issue!
This is a bug in commit c837786 in 0.3.0.1-alpha.
I've marked it as security-low, because since commit 592a439 in
0.2.7.2-alpha, directory authorities pin relay ed25519 keys to RSA keys.
This means that a relay in the consensus can't pass the RSA check, but
fail the ed25519 check.
(A client can't loop between two bridges using different keys, because RSA
IDs are mandatory. When we stop making RSA IDs mandatory, we'll need to
think carefully about this issue, and multiple ORPorts as well.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26158#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list