Opened 4 years ago

Closed 4 years ago

#12497 closed task (implemented)

Write a proposal for how to change the list of private addresses

Reported by: andrea
Owned by: nickm
Priority: Medium
Milestone: Tor: 0.2.6.x-final
Component: Core Tor/Tor
Version:
Severity:
Keywords: 026-triaged-1
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

There are problems if clients and nodes disagree about which addresses are private; if a client requests an address from a node and the node thinks it's private and rejects it, but the address is not blacklisted in the node's exit policy, the client will falsely reject the exit as misbehaving. We need a proposal to handle this in such a way as to let us update the list of private addresses for such tickets as #7971 without breaking things.

Change History (4)

comment:1 Changed 4 years ago by andrea

Keywords: 026-triaged-1 added

Since this was just created for 0.2.6 triage, I will give it the 026-triaged-1 keyword.

comment:2 Changed 4 years ago by nickm

Summary: Proposal for private addresses → Write a proposal for how to change the list of private addresses

comment:3 Changed 4 years ago by nickm

Owner: set to nickm
Status: new → assigned

comment:4 Changed 4 years ago by nickm

Resolution: implemented
Status: assigned → closed

This may not need a proposal at all. With the fix for #7582, we no longer call a node "reject *:*" unless we asked for a specific IP address, and we had its routerinfo, and the routerinfo explicitly says that address was allowed. So long as we don't start putting "private:*" in our descriptors (and we haven't, IIRC), this should work just fine in 0.2.4.12-alpha and later.

So we should just wait until 0.2.3.x clients are completely 100% deprecated, and then we can make changes to what's in private.

So the remaining issue from #5166 and #7971 is that new clients will be distinguishable, which we typically don't worry too hard about. If we care, we can use a consensus parameter to govern the switchover so that a lot of clients all switch at once.
