[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #24509 [Core Tor/Tor]: circuit_can_use_tap() should only allow TAP for v2 onion services
#24509: circuit_can_use_tap() should only allow TAP for v2 onion services
-------------------------------------------------+-------------------------
Reporter: teor | Owner: (none)
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.3.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.3.2.1-alpha
Severity: Normal | Resolution:
Keywords: prop224, tor-hs, security-low, | Actual Points:
easy, intro |
Parent ID: | Points: 0.5
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by dgoulet):
* status: needs_review => needs_revision
Comment:
Replying to [comment:1 irl]:
> The above patch uses `circ->rend_data->version` to determine the onion
service version in use for the circuit. There is an assert that that
structure exists before trying to dereference the version from it, which I
think it should always be the case that it does exist unless there are
maybe Tor2Web things I'm unfamiliar with.
Unfortunately, that won't work. We introduced the `rend_data` version back
before we did prop224 because we were planning on using a specialized
version for v3 but it turns out that it wasn't really usable the way we
wanted. We should probably also add a big comment in `rend_data_t` to tell
the world that it is ONLY for v2 even thought a version field exists and
all this ABI/API business.
So v2 circuits have a `rend_data` object attached and v3 circuits have an
`hs_ident` object.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24509#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs