[tor-bugs] #15517 [BridgeDB]: BridgeDB considers IPv6 clients in the same /64 to be "in the same subnet"

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Apr 3 19:58:53 UTC 2015 

#15517: BridgeDB considers IPv6 clients in the same /64 to be "in the same subnet"
-------------------------+-------------------------------------------------
     Reporter:  isis     |      Owner:  isis
         Type:  defect   |     Status:  needs_review
     Priority:           |  Milestone:
  critical               |    Version:
    Component:           |   Keywords:  bridgedb-dist, bridge-enumeration,
  BridgeDB               |  ipv6, bridgedb-0.3.2
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by isis):

 Replying to [comment:3 isis]:
 > Replying to [comment:2 arma]:
 > > How about giving different bridges to the ipv6 users? Mapping both
 ipv4 and ipv6 users onto the same bridge pool means that whichever
 strategy the attacker finds easier to attack is the one that will defeat
 that pool.
 >
 > That could work.

 I forgot to mention that it seems that something of the thing you want was
 seemingly half-implemented many years ago, and never finished. There are
 these things called "clusters" in the hashrings of the HTTPS Distributor;
 these are not present in the Email Distributor. I've attempted to document
 their structure
 [https://pythonhosted.org/bridgedb/bridgedb.Dist.html#bridgedb.Dist.IPBasedDistributor.prepopulateRings
 here].

 These "clusters" (besides needing a better name and documentation) could
 more easily be separated into some for clients coming from IPv4, and some
 for clients from IPv6. Separating the Tor/proxy users in the same manner
 is slightly more difficult, because those users have ''another''
 different, janky, poorly-named, and completely-undocumented structure.
 (Hooray. And, again, I didn't do it; I've barely touched this code.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15517#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list