[tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 20 12:18:09 UTC 2019
#24964: dos: Block single hop client at the HSDir
--------------------------------------+------------------------------------
Reporter: dgoulet | Owner: dgoulet
Type: defect | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-dos, tor2web, tor-hs | Actual Points: 0.1
Parent ID: #24962 | Points: 0.1
Reviewer: | Sponsor: Sponsor27-must
--------------------------------------+------------------------------------
Comment (by dgoulet):
Replying to [comment:7 arma]:
> Replying to [comment:6 teor]:
> > We could check that the previous hop is a relay in the consensus.
> > If we do that check, then a small number of HSDir requests will fail,
> > and the client will try another HSDir with another circuit.
>
> Careful there! That might be true for client requests (doing a GET), but
> it will be less true for service requests (doing a POST).

This checks if the previous channel is client or not. That is
unauthenticated. If the link is unauthenticated, then it is denied.

The case of a service posting a descriptor will always work as long as the
service does it through relays in consensus or not. If I'm not mistaken
(?), all public relays will authenticate.

The case of the client trying to go around that check with a relay not in
the consensus I believe will still authenticate on the link? Unless it is
a bridge?

What am I missing here?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24964#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online