Opened 6 months ago

Closed 6 months ago

#25193 closed defect (fixed)

dos: Avoid blacklisting Exit relays

Reported by: dgoulet Owned by: dgoulet
Priority: Very High Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-dos, tor-relay, 029-backport, 031-backport, 032-backport
Cc: armadev Actual Points:
Parent ID: #24902 Points:
Reviewer: nickm Sponsor:

Description

It is possible to do "tor-in-tor" meaning a tor client connection can exit the network and come back at a Guard node.

And if this happens to be detected by the DoS subsystem, we'll blacklist the Exit relay for a while. That is *NOT* good.

Now that we have #25183, we can lookup the inbound address to learn if we know it. And if we do, don't consider it a potential malicious client that we need to look at.

That is one part of the solution, the second part is #2667 so we actually prevent reentry from Exit but that part won't be backported just yet (if ever).

This work will be part of #24902 so once merge_ready, it will be merged into my branch ticket24902_029_05.

Child Tickets

Change History (3)

comment:1 Changed 6 months ago by dgoulet

Status: assignedneeds_review

Branch: ticket25193_029_01

This is a very simple patch that does one check when a new client connection is seen. Notice that we don't need to do such a thing in the "close client connection" because the "is being tracked" flag is never set preventing us to decrement the connection counter.

comment:2 Changed 6 months ago by dgoulet

Parent ID: #24902
Reviewer: nickm
Status: needs_reviewaccepted

Got a ACK from nickm on this so this has been merged into #24902 main branch.

comment:3 Changed 6 months ago by dgoulet

Resolution: fixed
Status: acceptedclosed

Merged into master. Will be backported through #24902.

Note: See TracTickets for help on using tickets.