[tor-bugs] #30084 [Core Tor/Tor]: Relay: channel_tls_process_netinfo_cell private IP as public wrongly reported

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Jul 6 07:16:00 UTC 2019


#30084: Relay: channel_tls_process_netinfo_cell private IP as public wrongly
reported
-------------------------------------------------+-------------------------
 Reporter:  cypherpunks                          |          Owner:  (none)
     Type:  defect                               |         Status:  closed
 Priority:  Very Low                             |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:  Tor:
                                                 |  0.3.4.8
 Severity:  Minor                                |     Resolution:  not a
 Keywords:  private IP public                    |  bug
  channel_tls_process_netinfo_cell relay         |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:8 cypherpunks]:
 > check reported "your ip is X" by this function
 if(tor_addr_is_internal_()) and don't trust reported it than. can't be
 used in descriptor

 Tor already does that check.

 Directory authorities reject descriptors with private addresses:
 https://github.com/torproject/tor/blob/e9d99d2e15f09a394ad01189b7965af4888a61a6/src/feature/dirauth/process_descs.c#L429

 Relays don't extend to private addresses:
 https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L1253

 And clients don't connect to public relays on private addresses:
 https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L552

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30084#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list