[tor-bugs] #31088 [Core Tor/Tor]: Check IPv4 and IPv6 private addresses in descriptors, first hops, and extends
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 23 18:08:26 UTC 2019
#31088: Check IPv4 and IPv6 private addresses in descriptors, first hops, and
extends
-------------------------------------------------+-------------------------
Reporter: teor | Owner: neel
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: ipv6, tor-relay, tor-client, tor- | Actual Points:
dirauth |
Parent ID: #24403 | Points:
Reviewer: nickm | Sponsor:
-------------------------------------------------+-------------------------
Changes (by nickm):
* status: needs_review => needs_revision
Comment:
Two issues.
First, have a look at your checks in circuit_extend(): it will make the
extend cell get rejected only when *BOTH* of the target addresses are
internal. I don't think that's right.
Second, I see that in dirserv_router_has_valid_address() you're testing
the address for is_null, but in circuit_extend() you aren't. What's the
reasoning there?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31088#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list