[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #4581 [Tor Directory Authority]: Dir auths should defend themselves from too many begindir requests per address

To: undisclosed-recipients:;
Subject: [tor-bugs] #4581 [Tor Directory Authority]: Dir auths should defend themselves from too many begindir requests per address
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 25 Nov 2011 22:49:56 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 25 Nov 2011 17:50:08 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4581: Dir auths should defend themselves from too many begindir requests per
address
-------------------------------------+--------------------------------------
 Reporter:  arma                     |          Owner:                    
     Type:  defect                   |         Status:  new               
 Priority:  normal                   |      Milestone:  Tor: 0.2.2.x-final
Component:  Tor Directory Authority  |        Version:                    
 Keywords:                           |         Parent:                    
   Points:                           |   Actualpoints:                    
-------------------------------------+--------------------------------------
 #4580 would not have been so bad if we'd had a "you already sent me 5
 begindir cells and I haven't even learned what you wanted to request on
 them yet. I am going to refuse the sixth one." feature.

 Alas, the bug causes us to make requests over time, and that will cause us
 to have multiple OR conns open, so the defense cannot simply be "look at
 how many other streams we have open on this circuit". I guess some sort of
 map from IP address to count would do it?

 I put this as an 0.2.2 milestone, but if the patch is complex I'll
 probably not be excited about backporting it.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4581>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #4581 [Tor Directory Authority]: Dir auths should defend themselves from too many begindir requests per address
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #4312 [Tor Relay]: Rate limit renegotiations
Next by Author: Re: [tor-bugs] #4581 [Tor Directory Authority]: Dir auths should defend themselves from too many begindir requests per address
Previous by thread: [tor-bugs] #4580 [Tor Client]: Some Tor clients go nuts requesting the consensus if there is no recent enough consensus
Next by thread: Re: [tor-bugs] #4581 [Tor Directory Authority]: Dir auths should defend themselves from too many begindir requests per address
Index(es):
- Author
- Thread