[tor-bugs] #29989 [Core Tor/Tor]: Add a flag to set chosen_exit_optional to false for MapAddress torrc option (and controller?)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 10 05:52:30 UTC 2019 

#29989: Add a flag to set chosen_exit_optional to false for MapAddress torrc option
(and controller?)
-------------------------------------------------+-------------------------
 Reporter:  babyfarkmcgeezaxxon                  |          Owner:  (none)
     Type:  enhancement                          |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:  Tor:
                                                 |  0.3.5.8
 Severity:  Normal                               |     Resolution:
 Keywords:  security-low?, tor-client, tor-exit  |  Actual Points:
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by arma):

 I just tried to reproduce. I have set
 {{{
 MapAddress ayefiles.com
 ayefiles.com.719FD0FA327F3CCBCDA0D4EA74C15EA110338942.exit
 }}}
 in my torrc file.

 Then I connected to my control port, and issued a SETEVENT CIRC STREAM.

 Then I did a
 {{{
 curl -x socks5h://127.0.0.1:9050 https://ayefiles.com/
 }}}

 On my control events, I see
 {{{
 650 STREAM 10 NEW 0 ayefiles.com:443 SOURCE_ADDR=127.0.0.1:32810
 PURPOSE=USER
 650 STREAM 10 REMAP 0
 ayefiles.com.719FD0FA327F3CCBCDA0D4EA74C15EA110338942.exit:443
 SOURCE=CACHE
 650 CIRC 2 EXTENDED
 $A69221A7EC7498D2F88A0FB795261013FA36CAAE~Truie,$69B5CB623284C943EBA264AAA8355B0966D3D141~88f324d4,$92D8008026AA72131A5357005054048F879F2808~i2p3,$719FD0FA327F3CCBCDA0D4EA74C15EA110338942~F3Netze
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2019-04-10T05:40:07.655948
 650 CIRC 2 BUILT
 $A69221A7EC7498D2F88A0FB795261013FA36CAAE~Truie,$69B5CB623284C943EBA264AAA8355B0966D3D141~88f324d4,$92D8008026AA72131A5357005054048F879F2808~i2p3,$719FD0FA327F3CCBCDA0D4EA74C15EA110338942~F3Netze
 BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
 TIME_CREATED=2019-04-10T05:40:07.655948
 650 STREAM 10 SENTCONNECT 2
 ayefiles.com.719FD0FA327F3CCBCDA0D4EA74C15EA110338942.exit:443
 650 STREAM 10 REMAP 2
 104.27.129.253.719FD0FA327F3CCBCDA0D4EA74C15EA110338942.exit:443
 SOURCE=EXIT
 650 STREAM 10 SUCCEEDED 2
 104.27.129.253.719FD0FA327F3CCBCDA0D4EA74C15EA110338942.exit:443
 650 STREAM 10 CLOSED 2
 104.27.129.253.719FD0FA327F3CCBCDA0D4EA74C15EA110338942.exit:443
 REASON=DONE
 }}}

 So, it's looking good.

 How is the original poster testing? Is it possible that because this is a
 cloudflare site, it is sending Tor Browser a redirect to a different
 destination, and Tor Browser is then going there, which would of course
 mean it is no longer going to the original destination address?

 (Cloudflare uses the alt-svc http header to do some surprise redirections
 under the hood: https://blog.cloudflare.com/cloudflare-onion-service/ But
 that in any case is not a bug in the program called Tor and how it handles
 the .exit notation.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29989#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list