[tor-bugs] #31088 [Core Tor/Tor]: Check IPv4 and IPv6 private addresses in descriptors (was: Check IPv4 and IPv6 private addresses in descriptors, first hops, and extends)

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Aug 27 12:28:26 UTC 2019 

#31088: Check IPv4 and IPv6 private addresses in descriptors
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  defect                               |         Status:  closed
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.2.x-final
Component:  Core Tor/Tor                         |        Version:  Tor:
                                                 |  0.2.3.21-rc
 Severity:  Normal                               |     Resolution:  fixed
 Keywords:  asn-merge, dgoulet-merge, consider-  |  Actual Points:  0.4
  backport-after-authority-test, consider-       |
  backport-after-0421-alpha, 040-backport-       |
  maybe, 041-backport-maybe, ipv6, tor-relay,    |
  tor-client, tor-dirauth                        |
Parent ID:  #24403                               |         Points:
 Reviewer:  nickm                                |        Sponsor:
-------------------------------------------------+-------------------------

Old description:

> Tor should check for private relay IPv6 addresses:
>
> When authorities check descriptors:
> https://github.com/torproject/tor/blob/e9d99d2e15f09a394ad01189b7965af4888a61a6/src/feature/dirauth/process_descs.c#L429
>
> When relays extend:
> https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L1253
>
> And when clients connect:
> https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L552

New description:

 Tor should check for private relay IPv6 addresses:

 When authorities check descriptors:
 https://github.com/torproject/tor/blob/e9d99d2e15f09a394ad01189b7965af4888a61a6/src/feature/dirauth/process_descs.c#L429

 Note: these changes require IPv6 extends from #24403:

 When relays extend:
 https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L1253

 And when clients connect:
 https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L552

--

Comment (by teor):

 Oops I thought I edited this ticket's summary.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31088#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list