[tor-bugs] #31009 [Core Tor/Tor]: Tor lets transports advertise private IP addresses in descriptor

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jun 27 20:41:25 UTC 2019


#31009: Tor lets transports advertise private IP addresses in descriptor
--------------------------+------------------------
 Reporter:  phw           |          Owner:  (none)
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:  0.5
 Reviewer:                |        Sponsor:
--------------------------+------------------------

Comment (by teor):

 We should try to imitate or re-use Tor's implementation of OR addresses as
 much as possible:

 * ExtendAllowPrivateAddresses
   * should Tor connect to bridges on private addresses?
   * currently Tor connects to private bridges, we probably don't want to
     break those configs, so we should make the default auto, which is
     relays 0 bridges 1

 * DirAllowPrivateAddresses
   * this setting should make the bridge authority reject pluggable
     transport lines with private addresses

 * ORPort NoListen / NoAdvertise
   * these are ORPort flags, I'm not sure if we want to add similar flags
     to ServerTransportListenAddr
   * alternately, we could add a ServerTransportAdvertiseAddr in
     ServerTransportOptions, so the pluggable transport can find out about it

 Is there a TOR_PT_SERVER_ADVERTISEADDR in the PT spec?
 If not, we should add one?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31009#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
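
Added example, not part of the ticket comment and not Tor's code: a check of the kind the DirAllowPrivateAddresses item describes, run over the `transport` lines of an extra-info descriptor. The function names, the list of non-public ranges and the sample descriptor are assumptions constructed for this illustration.

```python
import ipaddress

# Ranges treated as private/internal here. This list is an assumption made
# for the example; it is not copied from Tor's source.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

# Constructed sample: fingerprint, addresses and arguments are made up.
SAMPLE_EXTRA_INFO = """\
extra-info ExampleBridge 0000000000000000000000000000000000000000
transport obfs4 192.168.1.10:4443 cert=CONSTRUCTED,iat-mode=0
transport obfs3 203.0.113.5:443
transport scramblesuit [fd00::1]:8080
"""


def parse_transport_line(line):
    """Return (name, ip, port) for a "transport" line, None for any other line."""
    parts = line.split()
    if len(parts) < 3 or parts[0] != "transport":
        return None
    host, sep, port = parts[2].rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError("malformed transport address: %r" % parts[2])
    # IPv6 addresses are written in brackets, e.g. [fd00::1]:8080.
    return parts[1], ipaddress.ip_address(host.strip("[]")), int(port)


def is_non_public(ip):
    return any(ip.version == net.version and ip in net for net in NON_PUBLIC)


def private_transports(descriptor_text):
    """List the (name, ip, port) transport entries that advertise a non-public address."""
    flagged = []
    for line in descriptor_text.splitlines():
        parsed = parse_transport_line(line)
        if parsed is not None and is_non_public(parsed[1]):
            flagged.append(parsed)
    return flagged


if __name__ == "__main__":
    for name, ip, port in private_transports(SAMPLE_EXTRA_INFO):
        print("reject: %s advertises %s port %d" % (name, ip, port))
```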

