[tor-bugs] #9290 [Tor]: Use something other than "known relay" to decide on rate in connection_or_update_token_buckets_helper()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jul 18 13:32:41 UTC 2013
#9290: Use something other than "known relay" to decide on rate in
connection_or_update_token_buckets_helper()
---------------------------------+------------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: tor-relay bandwidth | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
On #tor-dev , Beeps says:
{{{
13:18 < Beeps> connection_or_update_token_buckets_helper() will not limit
speed
if relay knows desc. You can upldoad desc to any auth.
Before
limit speed you need protect all auths or limit speed for
them.
5 of them are victims for cheaters for now.
}}}
In other words, anybody can get the higher limit from an authority by
uploading a descriptor with their ID, whether they're really a relay or
not. That's annoying.
One fix would be to change the behavior of
connection_or_digest_is_known_relay to require that the relay be present
in the consensus. (Would this hurt bandwidth measurement?)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9290>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list