[tor-bugs] #22688 [Core Tor/Tor]: hs: stop HSDirs being used as single-hop "proxies"
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 2 05:10:31 UTC 2018
#22688: hs: stop HSDirs being used as single-hop "proxies"
-------------------------------------------------+-------------------------
Reporter: teor | Owner: teor
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs, relay-safety, | Actual Points: 0.3
034-triage-20180328, 034-removed-20180328 |
Parent ID: #17945 | Points: 0.3
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Description changed by teor:
Old description:
> handle_post_hs_descriptor and handle_get_hs_descriptor_v3 should check
> that the connection is:
> * encrypted, and
> * not from a client (channel_is_client in 0.3.1.1-alpha and later
> correctly identifies unauthenticated peers, which are clients and
> bridges).
>
> For extra safety, we can check if the circuit is from a relay.
New description:
handle_post_hs_descriptor and handle_get_hs_descriptor_v3 should check
that the connection is:
* encrypted, and
* not from a client (channel_is_client in 0.3.1.1-alpha and later
correctly identifies unauthenticated peers, which are clients and
bridges).
For HSv2, we should allow direct Tor2web client connections by default,
but have a consensus parameter to turn them off. Direct service
connections should always be refused,
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22688#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list