#24964: dos: Block single hop client at the HSDir --------------------------------------+------------------------------------ Reporter: dgoulet | Owner: dgoulet Type: defect | Status: needs_revision Priority: Medium | Milestone: Tor: 0.4.2.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor-dos, tor2web, tor-hs | Actual Points: 0.1 Parent ID: #24962 | Points: 0.1 Reviewer: asn | Sponsor: Sponsor27-must --------------------------------------+------------------------------------
Comment (by teor): Replying to [comment:14 dgoulet]: > Ok turns out that a unit test needed more love to pass the "connection is anonymous" test added by this branch. > > HOWEVER, it highlighted a problem with the approach. > > The `linked_conn` onto a directory connection is always of type EXIT. I'm going back to the point where I do not know how to get the or_connection_t that the dir_connection_t is coming from... BEGINDIR connections are dir connections, linked to an exit stream, which is on an OR circuit, which is on an OR connection. So you have to walk a few more links: * dir connection to edge connection via linked_conn * edge connection to OR circuit via on_circuit * OR circuit to OR connection via p_chan Here's some code I wrote a little while ago, that walks the links with all the appropriate checks: https://github.com/teor2345/tor- old/commit/10290066c8ee6b4aa40ec048222fdd4f572ef8d9#diff- c56fd972333216da3bb1852bcc89f57dR1587 -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24964#comment:15> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs