[tor-bugs] #33234 [Core Tor/Tor]: Prop 312: 3.2.1. Make the Address torrc Option Resolve IPv6 Hostnames

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 11 03:14:41 UTC 2020 

#33234: Prop 312: 3.2.1. Make the Address torrc Option Resolve IPv6 Hostnames
--------------------------------+--------------------------------
     Reporter:  teor            |      Owner:  teor
         Type:  enhancement     |     Status:  assigned
     Priority:  Medium          |  Milestone:  Tor: 0.4.4.x-final
    Component:  Core Tor/Tor    |    Version:
     Severity:  Normal          |   Keywords:  prop312, ipv6
Actual Points:                  |  Parent ID:  #33049
       Points:  2               |   Reviewer:
      Sponsor:  Sponsor55-must  |
--------------------------------+--------------------------------
 Make relays and bridges use the Address torrc option to find their IPv6
 addresses.

 This ticket covers the IPv6 hostname / DNS case:

   2. Hostnames / DNS names:
      * allow the option to be specified up to two times,
      * look up the configured name,
      * use the first IPv4 and IPv6 address returned by the resolver, and
      Resolving multiple addresses in the same address family is not a
      runtime error, but only the first address from each family will be
      used.

 These lookups should ignore private addresses on public tor networks. If
 multiple IPv4 or IPv6 addresses are returned, the first public address
 from each family should be used.

 Tor should warn if a configured Address hostname does not resolve
 to any publicly routable IPv4 or IPv6 addresses. (If
 tor is configured with a custom set of directory authorities, private
 addresses should be allowed, with a notice-level log.)
 For security reasons, directory authorities only use addresses that are
 explicitly configured in their torrc. Therefore, we propose that directory
 authorities only accept IPv4 or IPv6 address literals in their Address
 option. They must not attempt to resolve their Address using DNS. It is a
 config error to provide a hostname as a directory authority's Address.

 See proposal 312, section 3.2.1, case 2:
 https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-
 ipv6-addr.txt#n258

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33234>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list