Opened 7 months ago

Closed 7 months ago

Last modified 4 months ago

#30084 closed defect (not a bug)

Relay: channel_tls_process_netinfo_cell private IP as public wrongly reported

Reported by: cypherpunks Owned by:
Priority: Very Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.3.4.8
Severity: Minor Keywords: private IP public channel_tls_process_netinfo_cell relay
Cc: cypherpunks Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Log output:
Nov 06 17:11:10.000 [info] {OR} channel_tls_process_netinfo_cell(): We made a connection to a relay at 92.167.89.160:9001 (fp=427E5C8ADC43B09582DDDA80EA8EDFBD05DF5003) but we think they will not consider this connection canonical. They think we are at 10.42.194.61, but we think its
92.222.41.125.

Nov 06 17:30:35.000 [info] {OR} channel_tls_process_netinfo_cell(): Got good NETINFO cell from 92.167.89.160:9001; OR connection is now open, using protocol version 5. Its ID digest is 033DC13D5639A530C098388D8F53A693D76AD59B. Our address is apparently
10.42.194.61.

10.42.194.61 does not exist in Intranet. It's reported wrongly by remote relay.

Child Tickets

Change History (9)

comment:1 Changed 7 months ago by cypherpunks

Keywords: relay added
Severity: NormalMinor
Summary: channel_tls_process_netinfo_cell private IP as public wrongly reportedRelay: channel_tls_process_netinfo_cell private IP as public wrongly reported

comment:2 Changed 7 months ago by cypherpunks

Cc: cypherpunks added

comment:3 Changed 7 months ago by cypherpunks

Version: Tor: 0.3.4.9Tor: 0.3.4.8

comment:4 Changed 7 months ago by nickm

Milestone: Tor: unspecified

That's not necessarily a bug; the relay on the other side is probably miscofigured. 'They think we are at 10.42.194.61' means that the other relay claims we are at that address -- probably because its NAT is confused or something?

comment:5 Changed 7 months ago by teor

Resolution: not a bug
Status: newclosed

I don't think we can do anything about this relay or network misconfiguration bug.

comment:6 Changed 7 months ago by cypherpunks

OK, it's only a INFO log line but could make relay operator worry about wrong configuration. Don't trust reported IP if it's within RFC1918 ? (https://tools.ietf.org/html/rfc1918)

Our address is apparently RFC1918, can never be the case.

comment:7 in reply to:  6 Changed 7 months ago by teor

Replying to cypherpunks:

OK, it's only a INFO log line but could make relay operator worry about wrong configuration. Don't trust reported IP if it's within RFC1918 ? (https://tools.ietf.org/html/rfc1918)

Our address is apparently RFC1918, can never be the case.

Tor can run inside a private network if it's configured with the right options.
Tor doesn't trust internal IPs by default, but it does log them.
Info-level logs are fo expert users. We focus on getting notice and warning logs right.

But feel free to submit a patch if you'd like,

comment:8 Changed 4 months ago by cypherpunks

check reported "your ip is X" by this function if(tor_addr_is_internal_()) and don't trust reported it than. can't be used in descriptor

comment:9 in reply to:  8 Changed 4 months ago by teor

Replying to cypherpunks:

check reported "your ip is X" by this function if(tor_addr_is_internal_()) and don't trust reported it than. can't be used in descriptor

Tor already does that check.

Directory authorities reject descriptors with private addresses:
https://github.com/torproject/tor/blob/e9d99d2e15f09a394ad01189b7965af4888a61a6/src/feature/dirauth/process_descs.c#L429

Relays don't extend to private addresses:
https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L1253

And clients don't connect to public relays on private addresses:
https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L552

Note: See TracTickets for help on using tickets.