Opened 8 months ago

Closed 7 months ago

#21407 closed defect (implemented)

Make the usecreatefast default 0 in tor to match the consensus

Reported by: teor
Owned by:
Priority: Medium
Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor
Version: Tor: 0.2.4.23
Severity: Normal
Keywords: security
Cc:
Actual Points:
Parent ID:
Points: 1
Reviewer:
Sponsor:

Description

In #9386 we made clients use CREATE_FAST less, and changed the value in the consensus to 0. But we still use the default of 1 when bootstrapping (because there is no consensus).

We should change this default to 0.

Sticking this in 0.3.1 because it's a security hole for the reasons mentioned in #9386. (I'd go for 0.3.0, but that's frozen, and this change could introduce bootstrapping bugs.)

Change History (3)

comment:1 Changed 7 months ago by nickm

Status: new → needs_review

Branch bug21407 in my public repository.

comment:2 Changed 7 months ago by teor

Status: needs_review → merge_ready

I think this patch looks good, because:

  • if clients don't have a (directory guard or fallback or authority) onion key, they use TLS and CREATE_FAST
    • (the non-directory guard code makes sure we have an onion key before we connect)
  • if clients have an onion key, they default to using it, or the consensus parameter, or the torrc option

Although, I just realised that if clients don't have a consensus, they won't believe any onion keys. So does this change have any effect at all?

In either case, let's merge it.
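
The fallback described in this ticket and the decision order listed in comment 2, as an added C sketch (not Tor's source code and not the bug21407 branch). `consensus_param`, `use_create_fast`, the `-1` "unset" convention and the torrc-over-consensus precedence are assumptions made for the model, and the params line is a constructed sample.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Look up key in a consensus "params" line ("params k=v k=v ...").
 * params is NULL while bootstrapping (no consensus yet); dflt is returned
 * then, and when the key is absent or malformed. Result is clamped. */
static int consensus_param(const char *params, const char *key,
                           int dflt, int min, int max)
{
    long val = dflt;
    size_t klen = strlen(key);
    const char *p = params;
    while (p && (p = strstr(p, key)) != NULL) {
        /* Whole token only: preceded by a space, followed by '='. */
        if (p > params && p[-1] == ' ' && p[klen] == '=') {
            char *end;
            long v = strtol(p + klen + 1, &end, 10);
            if (end != p + klen + 1 && (*end == ' ' || *end == '\0'))
                val = v;
            break;
        }
        p += klen;
    }
    if (val < min) val = min;
    if (val > max) val = max;
    return (int)val;
}

/* 1 = first hop uses CREATE_FAST, 0 = handshake with the onion key.
 * torrc_setting is -1 when unset (modelling assumption), else 0 or 1.
 * Assumed precedence: torrc, then consensus, then built-in default. */
static int use_create_fast(int have_onion_key, int torrc_setting,
                           const char *params, int builtin_default)
{
    if (!have_onion_key)
        return 1;                /* no key to handshake with */
    if (torrc_setting != -1)
        return torrc_setting;
    return consensus_param(params, "usecreatefast", builtin_default, 0, 1);
}

int main(void)
{
    const char *line = "params circwindow=1000 usecreatefast=0"; /* constructed */
    printf("bootstrapping, default 1: %d\n", use_create_fast(1, -1, NULL, 1));
    printf("bootstrapping, default 0: %d\n", use_create_fast(1, -1, NULL, 0));
    printf("with consensus, default 1: %d\n", use_create_fast(1, -1, line, 1));
    return 0;
}
```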

comment:3 Changed 7 months ago by nickm

Resolution: implemented
Status: merge_ready → closed

Merged!