Opened 9 years ago

Closed 8 years ago

Last modified 7 years ago

#2442 closed defect (fixed)

A bunch of hidden service warnings should be protocol warnings

Reported by: Sebastian Owned by: rransom
Priority: Medium Milestone: Tor: 0.2.2.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: easy tor-hs
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We've had quite a few reports about log messages such as:

Possible replay detected! We received an INTRODUCE2 cell with same first part of Diffie-Hellman handshake 5 seconds ago.

and

INTRODUCE2 cell is too old. Discarding

These are messages that an operator can't do anything about, and they should be in the protocol warnings category instead.

Child Tickets

Change History (8)

comment:1 Changed 9 years ago by arma

Component: Tor RelayTor hidden services

comment:2 Changed 9 years ago by nickm

Keywords: easy added
Milestone: Tor: 0.2.3.x-final
Priority: normalminor

It would be nice if somebody did this.

comment:3 Changed 9 years ago by rransom

Owner: set to rransom
Status: newassigned

comment:4 Changed 9 years ago by arma

In general I agree with you about moving warns to protocol-warns if there's nothing the operator can do about it. But in the case you raise this is a warning at a hidden service. It's quite possible that hidden service was legitimately under some sort of protocol-level attack. If you get a lot of these as a hidden service operator, you really should consider turning off your hidden service, investigating, etc.

Maybe that's what the log message should tell them to do?

comment:5 Changed 8 years ago by rransom

Milestone: Tor: 0.2.3.x-finalTor: 0.2.2.x-final
Priority: minornormal
Status: assignedneeds_review

See bug2442-v2 ( https://git.torproject.org/rransom/tor.git bug2442-v2 ) for a fix. This branch includes the fix for #3989.

comment:6 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merging this into 0.2.2: The impact isn't high, but the risk is negligible, and rransom says that otherwise he'll have a pile of conflicts with other HS fixes that 0.2.2 should have unless this gets in.

comment:7 Changed 7 years ago by nickm

Keywords: tor-hs added

comment:8 Changed 7 years ago by nickm

Component: Tor Hidden ServicesTor
Note: See TracTickets for help on using tickets.