Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 325
    • Issues 325
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 30
    • Merge requests 30
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #22689
Closed
Open
Issue created Jun 21, 2017 by teor@teor

hs: Stop intro points being used as single hop proxies

This prevents them knowing both the service and client IP addresses, and therefore being targets for network traffic logging, sybil, or hacking attacks.

We need to implement the following checks:

  • if an introduction point was made using a direct connection (single onion services), refuse direct client connections,
  • for v3 intro points, always refuse direct client connections
  • for v2 intro points, refuse direct client connections based on a consensus parameter
  • if the rend point was made using a direct connection (custom client, no tor2web for HSv3), refuse direct service connections (single onion services).

See legacy/trac#22688 (moved) for how this is done for HSDir3s using channel_is_client(). The comments in that patch explain why it works.

We could even refactor the common code out of connection_dir_is_anonymous() into connection_is_anonymous(), and avoid including channel[tls].h into directory.c.

I'm not sure if I will get time to do this, so please feel free to take this ticket.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking