Exit relays always return DNS TTL 60 to tor clients
When tor clients resolve a domain name, exit relays are supposed to return the DNS TTL as part of their response.
At the moment, it looks like exit relays always return TTL 0 for both A and AAAA records. Only PTR records seem to come with a TTL > 0. The relevant variables on the exit side are ttl_ipv4
and ttl_ipv6
in src/or/dns_structs.h. The variables should be initialised in the function cached_resolve_add_answer. The variable ttl_hostname
for PTR records is assigned ttl
:
resolve->ttl_hostname = ttl;
The variables ttl_ipv4
and ttl_ipv6
, however, are not. Therefore, exit relays always send back TTL 60 to clients (60 instead of 0 because the function dns_clip_ttl turns it into MIN_DNS_TTL
, i.e., 60).
Commit 2889bd264 added the code to tor. It added ttl_hostname
, ttl_ipv4
and ttl_ipv6
, but never initialised the latter two. I wonder if this is an oversight? Commit c660a0f6 talks about potential attacks, but I don't think that explains this issue.