[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address

Subject: Re: [tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 08 Dec 2015 23:48:07 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 08 Dec 2015 18:48:16 -0500
In-reply-to: <042.cf38fa0cbd3e68add0dfb4a7314d6521@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <042.cf38fa0cbd3e68add0dfb4a7314d6521@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17782: Relays may publish descriptors with incorrect IP address
--------------------+------------------------------------
 Reporter:  fk      |          Owner:
     Type:  defect  |         Status:  new
 Priority:  High    |      Milestone:  Tor: 0.2.7.x-final
Component:  Tor     |        Version:  Tor: unspecified
 Severity:  Major   |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------
Changes (by teor):

 * version:  Tor: 0.2.7.4-rc => Tor: unspecified


Comment:

 This issue was a known issue when it was introduced in 0.1.2.1-alpha in
 commit 9db7b2c0687a3ee28e96e0c0db6c2a3e7ef4c626 / svn:r6774 on 17 July
 2006:

 "Allow servers with no hostname or IP address to learn their IP address
 by asking the directory authorities. This code only kicks in when you
 would normally have exited with a "no address" error.

 This design is flawed, though, since the X-Your-Address-Is header is not
 authenticated, and doing it this way introduces too many new attacks. The
 right answer is to give IP address hints inside the HELLO cell; much of
 this code can be reused when we switch."

 The commit message doesn't describe the attack above, where the directory
 mirror deliberately lies. This may be due to the fact that only
 authorities were giving this information out in 2006, and they are semi-
 trusted.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17782#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address
Next by Author: Re: [tor-bugs] #7028 [Tor]: Implement Adaptive Padding or some variant and measure overhead vs accuracy
Previous by thread: Re: [tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address
Next by thread: Re: [tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address
Index(es):
- Author
- Thread