[tor-bugs] #33237 [Core Tor/Tor]: Prop 312: 3.2.2. Stop Directory Authorities Resolving *Port Hostnames

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 11 03:29:14 UTC 2020


#33237: Prop 312: 3.2.2. Stop Directory Authorities Resolving *Port Hostnames
------------------------------------------------+--------------------------
 Reporter:  teor                                |          Owner:  teor
     Type:  defect                              |         Status:  assigned
 Priority:  Medium                              |      Milestone:  Tor:
                                                |  0.4.4.x-final
Component:  Core Tor/Tor                        |        Version:
 Severity:  Normal                              |     Resolution:
 Keywords:  prop312, tor-dirauth, security-low  |  Actual Points:
Parent ID:  #33049                              |         Points:  1
 Reviewer:                                      |        Sponsor:
                                                |  Sponsor55-can
------------------------------------------------+--------------------------
Description changed by teor:

Old description:

> For security reasons, directory authorities only use addresses that are
> explicitly configured in their torrc. Therefore, we propose that directory
> authorities only accept IPv4 or IPv6 address literals in the address part
> of the ORPort and DirPort options.
>
> As part of this fix, we may also ban DNS resolution on all configured
> Ports. (We should try to avoid banning DNS resolution entirely on
> authorities, because some test networks use Authority/Exits.)
>
> Directory authorities must not attempt to resolve these
> addresses using DNS. It is a config error to provide a hostname as a
> directory authority's ORPort or DirPort.
>
> If directory authorities don't have an IPv4 address literal in their
> Address or ORPort, they should issue a configuration error, and refuse to
> launch. If directory authorities don't have an IPv6 address literal in their
> Address or ORPort, they should issue a notice-level log, and fall back to
> only using IPv4.

New description:

 For security reasons, directory authorities only use addresses that are
 explicitly configured in their torrc. Therefore, we propose that directory
 authorities only accept IPv4 or IPv6 address literals in the address part
 of the ORPort and DirPort options.

 As part of this fix, we may also ban DNS resolution on all configured
 Ports. (We should try to avoid banning DNS resolution entirely on
 authorities, because some test networks use Authority/Exits.)

 See proposal 312, section 3.2.2, directory authority case:
 https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-ipv6-addr.txt#n340

 Directory authorities must not attempt to resolve these
 addresses using DNS. It is a config error to provide a hostname as a
 directory authority's ORPort or DirPort.

 If directory authorities don't have an IPv4 address literal in their
 Address or ORPort, they should issue a configuration error, and refuse to
 launch. If directory authorities don't have an IPv6 address literal in their
 Address or ORPort, they should issue a notice-level log, and fall back to
 only using IPv4.

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33237#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
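A worked check of the rules in the ticket description, as an added example in Python (not tor's own code): it takes the address part of ORPort/DirPort lines, treats a hostname there as a configuration error rather than resolving it, and applies the IPv4-required / IPv6-optional rule. The function names, the simplified torrc parsing (first token is the option name) and the sample lines are my own assumptions, not from the ticket.

```python
import ipaddress

def parse_port_address(value):
    """Address part of an ORPort/DirPort value ('ADDR:PORT' or '[IPv6]:PORT'),
    or None when only a port (or 'auto') was given. Trailing flags are ignored."""
    first = value.strip().split()[0]
    if first.startswith("["):
        end = first.find("]")
        if end == -1:
            raise ValueError(f"unterminated IPv6 literal: {value}")
        return first[1:end]
    if ":" in first:
        return first.rsplit(":", 1)[0]
    return None

def classify_address(addr):
    """'v4' or 'v6' for an address literal, 'hostname' for anything else."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "hostname"      # never handed to DNS on an authority
    return "v4" if ip.version == 4 else "v6"

def check_dirauth_config(torrc_lines):
    """Apply the ticket's rules to Address/ORPort/DirPort lines (constructed input).
    Returns (ok, errors, notices): hostname in ORPort/DirPort -> error, no IPv4
    literal -> error (refuse to launch), no IPv6 literal -> notice (IPv4 only)."""
    seen = {"v4": False, "v6": False}
    errors, notices = [], []
    for line in torrc_lines:
        parts = line.strip().split(None, 1)
        if len(parts) != 2 or parts[0].startswith("#"):
            continue
        key, value = parts
        if key not in ("Address", "ORPort", "DirPort"):
            continue
        # A hostname in Address simply does not count as a literal; in *Port it is an error.
        addr = value.split()[0] if key == "Address" else parse_port_address(value)
        if addr is None:
            continue
        kind = classify_address(addr)
        if kind == "hostname" and key != "Address":
            errors.append(f"{key}: '{addr}' is a hostname; authorities need an IP literal")
        elif kind != "hostname":
            seen[kind] = True
    if not seen["v4"]:
        errors.append("no IPv4 address literal in Address or ORPort: refusing to launch")
    if not seen["v6"]:
        notices.append("no IPv6 address literal in Address or ORPort: using IPv4 only")
    return (not errors, errors, notices)
```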