[tor-bugs] #17782 [Tor]: Relays may publish descriptors with incorrect IP address
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 19 13:45:56 UTC 2016
#17782: Relays may publish descriptors with incorrect IP address
--------------------------+------------------------------------
Reporter: fk | Owner:
Type: defect | Status: new
Priority: High | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: unspecified
Severity: Major | Resolution:
Keywords: 027-backport | Actual Points:
Parent ID: #17811 | Points:
Sponsor: |
--------------------------+------------------------------------
Comment (by teor):
#17782 and #17765 may be caused by a race condition between address
resolution and reachability self-testing:
* tor discovers its correct address
* tor initiates reachability tests to ORPort and DirPort on the correct
address
* tor discovers an incorrect address
* tor's reachability tests to the correct address succeed
This means that we have to invalidate (forcibly close connections for)
reachability tests when the address changes (if we don't already). This
might be hard to do for OR connections, as connections from other servers
to the correct address (from previous descriptors) still work, even if tor
discovers the wrong address.
However, after #18050, the DirPort self-test is also required before the
descriptor is published, and this relies on having the correct address.
This is only a partial solution, as not all relays have DirPorts.
What we really need to do is check that we can make an OR connection to
ourself (rather than receiving an OR connection from anywhere), or that we
can make a Dir connection to ourself, or both if the OR and Dir addresses
are different (#13953).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17782#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list