[tor-bugs] #17788 [Tor]: Block local addresses for rendezvous on RSOS servers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Feb 11 05:53:02 UTC 2016
#17788: Block local addresses for rendezvous on RSOS servers
---------------------------------------------+-----------------------------
Reporter: teor | Owner: teor
Type: defect | Status: assigned
Priority: Medium | Milestone: Tor:
Component: Tor | 0.2.8.x-final
Severity: Normal | Version:
Keywords: TorCoreTeam201602, rsos, tor-hs | Resolution:
Parent ID: | Actual Points:
Sponsor: | Points:
---------------------------------------------+-----------------------------
Comment (by teor):
Here's my TODO list for this task:
* define ExtendPolicy like ExitPolicy
* implement ExtendAllowPrivateAddresses based on the
ExitPolicyRejectPrivate code
* (I'm up to about here in feature-17178-8976-17788)
* fold ExtendAllowPrivateAddresses into ReachableAddresses (#17840)
* keep extend_info_addr_is_allowed() for the HS case
* apply to relays, not just RSOS
* re-parse when IP address changes for relays and RSOS
* automatically reject addresses in ExtendPolicy via
extend_info_for_node() (#17840)
* warn/notice relay/RSOS operators
* don't block anything other than private addresses for HS, as it may
reveal the HS address
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17788#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list