Opened 5 months ago

Closed 4 months ago

#26488 closed defect (fixed)

Stop resolving hard-coded authority DNS names that start with a digit

Reported by: teor Owned by: rl1987
Priority: Medium Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-dirauth, security-low
Cc: Actual Points:
Parent ID: Points:
Reviewer: dgoulet Sponsor:

Description

Instead, we should:

  • require IP addresses for authorities in the public network
  • allow any DNS name for non-default authorities or in test networks

See #25935 and https://github.com/torproject/tor/pull/59 for background.

Child Tickets

Change History (9)

comment:1 Changed 5 months ago by rl1987

Owner: set to rl1987
Status: newaccepted

comment:3 Changed 5 months ago by rl1987

Status: acceptedneeds_review

comment:4 Changed 5 months ago by teor

Milestone: Tor: unspecifiedTor: 0.3.5.x-final

We split off the non-security / test network parts of this ticket to #26508

comment:5 Changed 5 months ago by dgoulet

Reviewer: dgoulet
Status: needs_reviewneeds_revision

Commented. Quick thing I think we could fix to be a bit better off.

comment:6 Changed 5 months ago by rl1987

Status: needs_revisionneeds_review

Responded on the pull request.

comment:7 in reply to:  6 Changed 4 months ago by dgoulet

Replying to rl1987:

Responded on the pull request.

Still have a question there.

comment:8 Changed 4 months ago by dgoulet

Status: needs_reviewmerge_ready

ack;

comment:9 Changed 4 months ago by nickm

Resolution: fixed
Status: merge_readyclosed

squashing and merging!

Note: See TracTickets for help on using tickets.