[tor-bugs] #33157 [Circumvention/Snowflake]: Client generates SDP with "IN IP4", causing proxy to send "client_ip=" and bridge to send "USERADDR"

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 7 18:24:01 UTC 2020

#33157: Client generates SDP with "IN IP4", causing proxy to send
"client_ip=" and bridge to send "USERADDR"
 Reporter:  dcf                      |          Owner:  (none)
     Type:  defect                   |         Status:  new
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:

Comment (by dcf):

 I'll say that the bug here is not necessarily that the SDP contains; it's that the proxy uses as the client address despite
 more meaningful information being available in the SDP. `remoteIPFromSDP`
 could choose one of the candidates from an `a=candidate` line rather than
 only looking at the `c=` line, for example. (Which one? It probably
 doesn't matter, as they are all likely to have the same geolocation, as
 long as you pick an external address candidate and not a LAN address
 candidate.) One way to fix the problem would be to ensure that clients
 generate SDP with a meaningful address in the `c=` line; another way would
 be to use a different method of extracting the address in the proxy.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33157#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list