#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive -----------------------------------------+--------------------------------- Reporter: moonsikpark | Owner: (none) Type: enhancement | Status: | needs_information Priority: Medium | Milestone: Tor: | 0.4.3.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor-hs tor-dos extra-review | Actual Points: Parent ID: #32511 | Points: Reviewer: dgoulet, ahf | Sponsor: Sponsor27-can -----------------------------------------+---------------------------------
Comment (by teor): Replying to [comment:9 ahf]: > I left some comments there. I think my biggest question is what is the IPv6 story in this? Encoding a 32-bit IPv4 address in an IPv6 address is smart, but encoding an IPv6 address in an IPv6 address whilst still leaving space for other data is going to be difficult. The PROXY protocol has 2 address fields and 2 port fields: `PROXY TCP6 (SOURCE_IPV6) (DEST_IPV6) (SOURCE_PORT) (DEST_PORT)` In the current Tor network, Tor relays must have one IPv4 address and port, and can optionally have an IPv6 address and port. So here's the information we might want to capture: * REND_IPV4 (4 bytes) * REND_IPV4_PORT (2 bytes) * REND_IPV6 (16 bytes) * REND_IPV6_PORT (2 bytes) * INSTANCE_ID (2 bytes) * CIRCUIT_ID (4 bytes) And here's how this patch does that: `PROXY TCP6 (RESERVED_4_BYTES|REND_IPV4|REND_IPV4_PORT|INSTANCE_ID|CIRCUIT_ID) (DEST_IPV6?) (UNKNOWN?) (DEST_PORT?)` If we ever need to capture the IPv6 address and port: If we can use DEST_IPV6 and DEST_PORT: * Use DEST_IPV6 for REND_IPV6 * Use DEST_PORT for REND_IPV6_PORT If we can't, we only have 4 bytes left to store 18 bytes, so we hash the IPv6 and port, and use the first 4 bytes: * RESERVED_4_BYTES = H(REND_IPV6|REND_IPV6_PORT)[:4] I think we can make this decision later? But we should definitely document that IPv6 is not supported, and that the address is the canonical IPv4 address of the rend point. (And not guaranteed to be the actual address that the circuit is connecting through.) -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32604#comment:10> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs