[tor-commits] [torspec/master] Prop 312: Use Authority IPs for the Socket Method

teor at torproject.org teor at torproject.org
Wed Feb 5 12:07:24 UTC 2020 

commit 6e7d4abd1f18292c501e8a4e173b83d2fa9313b1
Author: teor <teor at torproject.org>
Date:   Tue Feb 4 14:39:47 2020 +1000

    Prop 312: Use Authority IPs for the Socket Method
    
    Add an optional section, where we propose using a directory authority
    IPv4 and IPv6 address for socket-based local interface address
    detection.
    
    As suggested by Nick Mathewson.
    
    Part of 33073.
---
 proposals/312-relay-auto-ipv6-addr.txt | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/proposals/312-relay-auto-ipv6-addr.txt b/proposals/312-relay-auto-ipv6-addr.txt
index 3209e0b..1a672fb 100644
--- a/proposals/312-relay-auto-ipv6-addr.txt
+++ b/proposals/312-relay-auto-ipv6-addr.txt
@@ -935,6 +935,35 @@ Ticket: #33073
    support IPv6 may be quite small. But we should still test this use case for
    clients connecting over IPv4 and IPv6, and extending over IPv4 and IPv6.
 
+3.5.12. Using Authority Addresses for Socket-Based Address Detection
+
+   We propose this optional change, to avoid issues with firewalls during
+   address detection. (And to reduce user confusion about firewall
+   notifications which show a strange IP address.)
+
+   We propose that tor should use a directory authority IPv4 and IPv6 address,
+   for any sockets that it opens to detect local interface addresses (see
+   section 3.2.3). We propose that this change is applied regardless of the
+   role of the current tor instance (relay, bridge, directory authority, or
+   client).
+
+   Tor currently uses the arbitrary IP addresses 18.0.0.1 and [2002::], which
+   may be blocked by firewalls. These addresses may also cause user confusion,
+   when they appear in logs or notifications.
+
+   The relevant function is get_interface_address6_via_udp_socket_hack() in
+   lib/net. The hard-coded addresses are in app/config. Directly using these
+   addresses would break tor's module layering rules, so we propose:
+     * copying one directory authority's hard-coded IPv4 and IPv6 addresses to
+       an ADDRESS_PRIVATE macro or variable in lib/net/address.h
+     * writing a unit test that makes sure that the address used by
+       get_interface_address6_via_udp_socket_hack() is still in the list of
+       hard-coded directory authority addresses.
+
+   When we choose the directory authority, we should avoid using a directory
+   authority that has different hard-coded and advertised IP addresses. (To
+   avoid user confusion.)
+
 4. Directory Protocol Specification Changes
 
    We propose explicitly supporting IPv6 X-Your-Address-Is HTTP headers in the

More information about the tor-commits mailing list