[tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jun 19 15:27:57 UTC 2019


#24964: dos: Block single hop client at the HSDir
--------------------------------------+------------------------------------
 Reporter:  dgoulet                   |          Owner:  dgoulet
     Type:  defect                    |         Status:  accepted
 Priority:  Medium                    |      Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor              |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tor-dos, tor2web, tor-hs  |  Actual Points:
Parent ID:  #24962                    |         Points:  0.1
 Reviewer:                            |        Sponsor:  Sponsor27-must
--------------------------------------+------------------------------------

Comment (by dgoulet):

 This one... I have honestly no idea how to pull this off with our current
 tor code.

 Problem is that when the `GET` requests comes in for the descriptor, we
 only learn what it is in the directory connection layer which doesn't have
 any clue about the circuit.

 I've tried to take the approach we use with `edge_connection_t` where we
 put the circuit pointer in it (`on_circuit`) but since the directory
 request code is called from the connection read callback, there is no
 access to the circuit at that level either...

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24964#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list