[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors

Subject: Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 08 Jul 2016 00:19:02 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 07 Jul 2016 20:19:11 -0400
In-reply-to: <044.0fa2f0a385a1f82aa0fc9a47a60ebc9f@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.0fa2f0a385a1f82aa0fc9a47a60ebc9f@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#18938: Authorities should reject non-ASCII content in ExtraInfo descriptors
----------------------------------+------------------------------------
 Reporter:  teor                  |          Owner:
     Type:  defect                |         Status:  new
 Priority:  Medium                |      Milestone:  Tor: 0.2.9.x-final
Component:  Core Tor/Tor          |        Version:
 Severity:  Normal                |     Resolution:
 Keywords:  needs-proposal-maybe  |  Actual Points:
Parent ID:  #18656                |         Points:  1
 Reviewer:                        |        Sponsor:
----------------------------------+------------------------------------

Comment (by Sebastian):

 I don't like Nick's easy fix I think. The dirauths that upgrade often are
 also the ones that do the important stuff (badexit, bwauth) so you might
 be able to ensure you don't get the badexit flag by putting non-ascii into
 your descriptor.

 To the parser argument, I kinda think the ship has sailed for anything
 that wants to be able to parse historic descriptors. I'm still in favor of
 not allowing arbitrary bytes in contact info going forward, but I think we
 should have it in relays before we have it in dirauths.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18938#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #19613 [Metrics/Onionoo]: confirm to style guide
Next by Author: [tor-bugs] #19654 [- Select a component]: Atlas doesn't work with TBB high security
Previous by thread: Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors
Next by thread: Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors
Index(es):
- Author
- Thread