Re: [tor-bugs] #31011 [Core Tor/Tor]: Make the bridge authority reject private PT addresses when DirAllowPrivateAddresses is 0
#31011: Make the bridge authority reject private PT addresses when
DirAllowPrivateAddresses is 0
-----------------------------------------------+---------------------------
 Reporter:  teor                               |          Owner:  (none)
     Type:  defect                             |         Status:  new
 Priority:  Medium                             |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor                       |        Version:
 Severity:  Normal                             |     Resolution:
 Keywords:  anti-censorship-roadmap-september  |  Actual Points:
Parent ID:  #31009                             |         Points:  1
 Reviewer:                                     |        Sponsor:  Sponsor28-can
-----------------------------------------------+---------------------------
Comment (by teor):
Replying to [comment:9 phw]:
> I prefer having the bridge authority reject descriptors with private
> addresses. In my opinion, a private address has no business being in the
> descriptor and we should reject such descriptors rather than guessing what
> the bridge operators meant to do.
Thanks, that seems like a sensible decision.
We can add bridge authority code that rejects extra-info descriptors with
a private address in any `transport` line.
We should probably also add a config error on the bridge side, if
ServerTransportListenAddress is an internal address,
compute_publishserverdescriptor() is bridge, and the bridge is using the
default bridge authority.
Here's how the `transport` line is created on the bridge side:
https://github.com/torproject/tor/blob/f6c9ca3a1d1c29a293915612e26cdbfeb050c192/src/feature/relay/router.c#L3190
https://github.com/torproject/tor/blob/60d5ff303d65bb7caf5c064675c661faac4cecf1/src/feature/client/transports.c#L1615
Here's where we reject extra-info descriptors in dirserv_add_extrainfo():
https://github.com/torproject/tor/blob/53bdd21179b3507b8d8aa2788e4955df8619f6db/src/feature/dirauth/process_descs.c#L789
See dirserv_router_has_valid_address() for some example code. This code
rejects relay descriptors with private IPv4 or IPv6 addresses, when
DirAllowPrivateAddresses is 0:
https://github.com/torproject/tor/blob/53bdd21179b3507b8d8aa2788e4955df8619f6db/src/feature/dirauth/process_descs.c#L456
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31011#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
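
Added illustration of the check proposed in the comment above (not Tor's code and not part of the ticket): a stand-alone C function that decides whether one extra-info `transport` line should be rejected because its address is private. The function names, the simplified private-range list, the `allow_private` flag standing in for DirAllowPrivateAddresses, and the choice to reject malformed lines are assumptions.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 1 = private/internal, 0 = public, -1 = unparseable.
 * The range list is a simplified assumption, not Tor's own list. */
static int addr_is_private(const char *addr)
{
  struct in_addr a4;
  struct in6_addr a6;
  if (inet_pton(AF_INET, addr, &a4) == 1) {
    uint32_t ip = ntohl(a4.s_addr);
    return (ip >> 24) == 0 || (ip >> 24) == 10 || (ip >> 24) == 127 ||
           (ip >> 20) == 0xAC1 ||  /* 172.16.0.0/12 */
           (ip >> 16) == 0xC0A8 || /* 192.168.0.0/16 */
           (ip >> 16) == 0xA9FE;   /* 169.254.0.0/16 */
  }
  if (inet_pton(AF_INET6, addr, &a6) != 1)
    return -1;
  const uint8_t *b = a6.s6_addr;
  static const uint8_t zero[15];
  if (!memcmp(b, zero, 15) && b[15] <= 1)
    return 1;                                     /* :: and ::1 */
  return (b[0] & 0xFE) == 0xFC ||                 /* fc00::/7 */
         (b[0] == 0xFE && (b[1] & 0xC0) == 0x80); /* fe80::/10 */
}

/* 1 = reject this `transport` line, 0 = accept. allow_private plays the
 * role of DirAllowPrivateAddresses. Malformed lines are rejected. */
int transport_line_rejected(const char *line, int allow_private)
{
  char name[64], hp[128], host[128];
  if (sscanf(line, "transport %63s %127s", name, hp) != 2)
    return 1;
  char *colon = strrchr(hp, ':');
  if (!colon || colon == hp || colon[1] == '\0')
    return 1;
  size_t len = (size_t)(colon - hp);
  size_t br = hp[0] == '[';   /* 1 when the address is written [v6]:port */
  if (br && (len < 3 || hp[len - 1] != ']'))
    return 1;
  memcpy(host, hp + br, len - 2 * br);
  host[len - 2 * br] = '\0';
  if (!br && strchr(host, ':'))
    return 1;                  /* IPv6 must be written as [addr]:port */
  int priv = addr_is_private(host);
  return priv < 0 || (priv && !allow_private);
}
```

IPv4-mapped IPv6 addresses and port validation are not covered here.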