Re: [tor-bugs] #17178 [Tor]: Rendezvous Single Onion Services: One-Hop Intro Point and Rendezvous

#17178: Rendezvous Single Onion Services: One-Hop Intro Point and Rendezvous
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  enhancement                          |         Status:  needs_review
 Priority:  High                                 |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor                                  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  028-triaged, tor-hs, TorCoreTeam201602 |  Actual Points:
Parent ID:                                       |         Points:  large
  Sponsor:  SponsorU                             |
-------------------------------------------------+-------------------------
Changes (by teor):

 * status:  needs_revision => needs_review


Comment:

 Please see my branch feature-17178-rsos:

 Added 5de1055acb37f9a448ef6e769a5587c9d00441e7 as a fixup for
 f519c356a17afec8dd732ec2e46315c5576283d0:

 Make tor_addr_is_multicast accessible in address.h.

 Replying to [comment:38 dgoulet]:
 > commit ce251ea5e7d98a8e46079f2733006f8e718717d8
 >
 > * This should be a `static const char *`. It's not required but imo we
 > should use types as much as we can, which is much more helpful on the
 > compiler side.
 >
 > {{{
 > #define RSOS_POISON_FNAME "non_anonymous_hidden_service_rsos"
 > }}}
 >
 >  If you really don't want to, that's fine but the `tor_asprintf` doesn't
 > need to use `%s` for it. Same for `PATH_SEPARATOR`. (`tor_asprintf(&fname,
 > "%s" PATH_SEPARATOR ...)`)

 Fixed in 30969ca2abec80ebacb585767a88915a53293c01.

 > * Nitpick: You can use `tor_free(poison_fname);` once after
 > `file_status()` is called. Avoid two of them.

 Fixed in 30969ca2abec80ebacb585767a88915a53293c01.

 > commit ff63c64c9cdebb7ea50354a3e72cb57758f9f939
 >
 > * Hrm, that commit simply returns 0. Can't we flag the HS that it's
 > actually in RSOS mode? By that I mean, can we have two ephemeral HS, one
 > in RSOS and the other one not?

 No, we decided that was a bad design, as the non-anonymous RSOS could
 expose the anonymous HS.
 Whenever RSOS is set, it applies to all configured services.

 > commit 1e0b54feb5629eb85e9b365db684e1df8073a516
 >
 > * `rend_allow_direct_connection()` comment mentions: "Returns true in
 > Tor2web and RSOS modes.". But the code returns 1 if one of them is enabled,
 > not both. So I'm guessing typo here.

 One of the glorious ambiguities of English. I meant: "Returns true in
 Tor2web mode and returns true in RSOS mode."

 Fixed in 70f44487b8ecdeef09681f02068ac30b6643a0e5.

 > commit 80a041b9740fa69126f40ddc1c8bba9555c8a08b
 >
 > * In `rend_client_get_random_intro_impl()`, this is added:
 > {{{
 > -    new_extend_info = extend_info_from_node(node, 0);
 > +    new_extend_info = extend_info_from_node(node,
 > +
 rend_allow_direct_connection(options));
 > }}}
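 Review bot: the second argument to `extend_info_from_node()` in this hunk is computed from `options` alone, so the direct-connection choice is made once per tor instance rather than per circuit role; a tor that runs an RSOS and is also used as a client, or a Tor2web client used with a HS, gets the direct path for its client-side intro point selection too. Gate the argument on whether the circuit is for a service this instance runs (or refuse the combined configuration), which is what the follow-up bae2a4de61d6d440840411fb992ffc72ad04c660 is said to do below.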
 >
 >  This is somehow worrying me. I get the Tor2Web mode but what if I use
 > my HS server as a client, I lose anonymity? Am I seeing that right?
 >
 >  Same goes in `find_rp_for_intro()`, if the HS is somehow compiled with
 > `NON_ANONYMOUS_MODE_ENABLED` (Tor2Web), it goes to the RP/IP with one hop?

 I think that you're right, if you use a Tor2web client with a HS, or run a
 standard tor client as a RSOS, you lose anonymity.

 So let's prevent that. See bae2a4de61d6d440840411fb992ffc72ad04c660.

 For the record, these code changes only control how the node's address is
 selected.
 (In #17840, we change extend_info_from_node() to select addresses based on
 ReachableAddresses, ClientUseIPv4/6 and ClientPreferIPv6OR/DirPort.)

 It's code like this that makes the connections one-hop:
 {{{
     if (rend_allow_direct_connection(options)) {
       flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL;
     }
 }}}
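 The gating pattern above, and the role confusion dgoulet raised, as an added illustration in C. This is not tor's code and not the contents of any commit named in this ticket: the `or_options_t` fields `tor2web_mode` and `rsos_mode`, the bit value of `CIRCLAUNCH_ONEHOP_TUNNEL`, and the `is_client_circuit` parameter are assumptions made for the example. It goes one step beyond the ticket by sketching a role-aware gate (also an assumption) next to the unconditional one, so the difference in outcome for a client-side circuit is visible.

```c
#include <stdbool.h>
#include <stdio.h>

/* Added example, not tor's code. Only the function names and the
 * "if allowed, OR in the one-hop flag" pattern come from the ticket;
 * the flag value, struct fields and is_client_circuit are assumptions. */

#define CIRCLAUNCH_ONEHOP_TUNNEL (1u << 0)  /* assumed bit value */

typedef struct {
  bool tor2web_mode;  /* assumed field: client-side non-anonymous mode */
  bool rsos_mode;     /* assumed field: service-side non-anonymous mode */
} or_options_t;

/* Returns true in Tor2web mode and returns true in RSOS mode, the reading
 * teor settles on in the comment. */
static bool
rend_allow_direct_connection(const or_options_t *options)
{
  return options->tor2web_mode || options->rsos_mode;
}

/* The quoted pattern: OR in the one-hop flag whenever direct connections
 * are allowed. It has no idea which role the circuit is built for. */
static unsigned
circuit_flags_unconditional(const or_options_t *options, unsigned flags)
{
  if (rend_allow_direct_connection(options)) {
    flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL;
  }
  return flags;
}

/* Role-aware gate (an assumption for this example): Tor2web may shorten
 * only client-side circuits, RSOS only circuits built for a service this
 * instance runs. */
static unsigned
circuit_flags_role_aware(const or_options_t *options, unsigned flags,
                         bool is_client_circuit)
{
  bool direct = is_client_circuit ? options->tor2web_mode
                                  : options->rsos_mode;
  if (direct) {
    flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL;
  }
  return flags;
}

/* Helpers exposing the property being demonstrated. */
bool
onehop_unconditional(bool tor2web, bool rsos)
{
  or_options_t o = { tor2web, rsos };
  return (circuit_flags_unconditional(&o, 0) & CIRCLAUNCH_ONEHOP_TUNNEL) != 0;
}

bool
onehop_role_aware(bool tor2web, bool rsos, bool is_client_circuit)
{
  or_options_t o = { tor2web, rsos };
  return (circuit_flags_role_aware(&o, 0, is_client_circuit) &
          CIRCLAUNCH_ONEHOP_TUNNEL) != 0;
}

int
main(void)
{
  /* An RSOS whose tor is also used as a client: the case raised above. */
  printf("RSOS, service circuit:    one-hop=%d (intended)\n",
         onehop_unconditional(false, true));
  printf("RSOS, client circuit:     one-hop=%d (unconditional gate)\n",
         onehop_unconditional(false, true));
  printf("RSOS, client circuit:     one-hop=%d (role-aware gate)\n",
         onehop_role_aware(false, true, true));
  /* The mirror case: a Tor2web client that also runs a HS. */
  printf("Tor2web, service circuit: one-hop=%d (unconditional gate)\n",
         onehop_unconditional(true, false));
  printf("Tor2web, service circuit: one-hop=%d (role-aware gate)\n",
         onehop_role_aware(true, false, false));
  return 0;
}
```

 The unconditional gate returns the same answer for every circuit the instance builds, which is exactly why a client on an RSOS host loses anonymity; the role-aware gate keeps the client-side path multi-hop while still giving the service its one-hop intro and rendezvous circuits.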

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17178#comment:39>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>