[tor-bugs] #10849 [Tor]: tunneldirconns 0 makes hidden services publish descriptors over http -- and they're refused
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Feb 9 17:13:37 UTC 2014
#10849: tunneldirconns 0 makes hidden services publish descriptors over http -- and
they're refused
------------------------+--------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
------------------------+--------------------------------
Comment (by rransom):
The bug is in the last `if` statement in
`directory_command_should_use_begindir`:
{{{
if (!options->TunnelDirConns &&
router_purpose != ROUTER_PURPOSE_BRIDGE)
}}}
To fix it, append `&& !is_sensitive_dir_purpose(router_purpose)` to the
condition.
I suspect that this is a bugfix on whatever release introduced
`TunnelDirConns`, but I'm not going to do the archaeology to verify that.
In versions before whenever in 0.2.3.x ‘tor2web mode’ was merged, this bug
would have immediately deanonymized the hidden service. After ‘tor2web
mode’ (specifically the extra assertions I added while developing it), it
would have at worst crashed the HS instead.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10849#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list