Tor issueshttps://gitlab.torproject.org/tpo/core/tor/-/issues2024-02-13T17:00:47Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/40840Prevent outbound cell command flipping2024-02-13T17:00:47ZMike PerryPrevent outbound cell command flippingAs per https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/344-protocol-info-leaks.txt#L197, the RELAY_EARLY fix did not address the outbound direction.
We can fix this by checking at relays that the cell command field ...As per https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/344-protocol-info-leaks.txt#L197, the RELAY_EARLY fix did not address the outbound direction.
We can fix this by checking at relays that the cell command field does not switch back and forth between RELAY and RELAY_EARLY. Then, so long as the middle relay is honest, this vector cannot be used as a covert channel between the Guard and the Exit.
This fix should be relatively simple and can be backported, though we should of course test it in shadow.Mike PerryMike Perryhttps://gitlab.torproject.org/tpo/core/tor/-/issues/40860Sort introduction points before encoding?2023-09-18T13:31:13ZNick MathewsonSort introduction points before encoding?It might be a good idea to make sure that when we encode introduction points, we do so in a standard order so that we don't leak any information. Right now, introduction points are selected in `pick_needed_intro_points()` and encoded in...It might be a good idea to make sure that when we encode introduction points, we do so in a standard order so that we don't leak any information. Right now, introduction points are selected in `pick_needed_intro_points()` and encoded in `get_inner_encrypted_layer_plaintext()`.
This probably needs a specification change too. See also arti#1039.Tor: 0.4.7.x-post-stable