Opened 6 years ago

Closed 3 years ago

#10518 closed defect (worksforme)

local tor client policy remotely modified

Reported by: mr-4 Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.4.18-rc
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

As part of my torrc I have a MapAddress directive, which redirects all requests to a specific domain via a tor exit point (I still use ".exit"). That works satisfactory and served me well for a good while.

Today when I tried to access that domain, I received and error (domain inaccessible) and when I inspected the tor logs I found a sequence of these messages: "Requested exit point 'XXXX' is excluded or would refuse request. Closing."

This is obviously incorrect as I don't have such policy and have not restricted using that particular node (I did double-check my torrc file and since I also use default-torrc I checked that as well).

Using the atlas service I made sure that the node in question is up and running and that was indeed the case (the tor node has been running for more than 40 days - continuously).

Next, I stopped tor and restarted it (keeping the whole /var/lib/tor/* intact) and tried to access the same domain. I've got the same error message.

Finally, I stopped tor again, wiped out the entire /var/lib/tor/* directory to force my tor client to download fresh consensus and cold-boot everything. After doing that I tried to access the redirected domain again and this time I was SUCCESSFUL!

All of this leaves me to conclude that my tor client policy was remotely modified/altered, which if true, is a very serious issue, hence reporting it here.

Child Tickets

Change History (6)

comment:1 Changed 6 years ago by cypherpunks

It sounds like the exit node in question happens to be rejecting the site/port/whatever you want to access or he tried out this exit policy and decided to change it back.

It's not related to your local tor client's "policy". It's related to the exit node's ExitPolicy.

comment:2 in reply to:  1 Changed 6 years ago by mr-4

Replying to cypherpunks:

It sounds like the exit node in question happens to be rejecting the site/port/whatever you want to access or he tried out this exit policy and decided to change it back.

I doubt that. The node in question is "stable" and a "guard" and has also been running for a long time (I use it for that kind of traffic for more than 2 years now).

It's not related to your local tor client's "policy". It's related to the exit node's ExitPolicy.

Yeah, that's right, but is it possible that my tor client could have that node's exit policy "changed" in its local copy/consensus?

I presume that node's policy is downloaded and kept in /var/lib/tor, so if the local copy has been changed somehow, then I am going to get this kind of behaviour, right (which is the reason I submitted this report)?

I don't see any sense in the operator of that node changing its node policy for 10-15 seconds (bearing in mind that that same policy has been like that for years!) only to then change it back to what it was. Something is fishy and I don't like it!

comment:3 Changed 6 years ago by browserprivacy

Has anyone else been able to reproduce this?

mr-4, have you seen the same issue in subsequent releases?

comment:4 Changed 6 years ago by mr-4

No, I haven't seen nor was I able to reproduce this any further, though I switched to the latest version of tor soon after I posted this report.

comment:5 Changed 6 years ago by nickm

Milestone: Tor: unspecified
Status: newneeds_information

This is going to need to be reproducible in order to get it figured out.

comment:6 Changed 3 years ago by nickm

Resolution: worksforme
Severity: Normal
Status: needs_informationclosed

no information on how to reproduce this; please reopen if there's a way to reproduce it.

Note: See TracTickets for help on using tickets.