Opened 8 months ago

Last modified 4 months ago

#33234 assigned enhancement

Prop 312: 3.2.1. Make the Address torrc Option Resolve IPv6 Hostnames

Reported by: teor Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Normal Keywords: prop312, ipv6, 044-deferred
Cc: Actual Points:
Parent ID: #33049 Points: 2
Reviewer: Sponsor: Sponsor55-must

Description (last modified by teor)

This ticket depends on Address IPv6 support in #33233.

Make relays and bridges use the Address torrc option to find their IPv6 addresses.

This ticket covers the IPv6 hostname / DNS case:

  1. Hostnames / DNS names:
    • allow the option to be specified up to two times,
    • look up the configured name,
    • use the first IPv4 and IPv6 address returned by the resolver, and Resolving multiple addresses in the same address family is not a runtime error, but only the first address from each family will be used.

These lookups should ignore private addresses on public tor networks. If
multiple IPv4 or IPv6 addresses are returned, the first public address from each family should be used.

Tor should warn if a configured Address hostname does not resolve
to any publicly routable IPv4 or IPv6 addresses. (If
tor is configured with a custom set of directory authorities, private
addresses should be allowed, with a notice-level log.)
For security reasons, directory authorities only use addresses that are
explicitly configured in their torrc. Therefore, we propose that directory authorities only accept IPv4 or IPv6 address literals in their Address option. They must not attempt to resolve their Address using DNS. It is a config error to provide a hostname as a directory authority's Address.

See proposal 312, section 3.2.1, case 2:

Child Tickets

Change History (4)

comment:1 Changed 6 months ago by teor

Description: modified (diff)

comment:2 Changed 6 months ago by teor

Owner: teor deleted

Un-assign myself from future Sponsor 55 tasks.

comment:3 Changed 4 months ago by nickm

Keywords: 044-deferred added
Milestone: Tor: 0.4.4.x-finalTor: unspecified

Bulk-remove tickets from 0.4.4. Add the 044-deferred label to them.

comment:4 Changed 4 months ago by nickm

Milestone: Tor: unspecified

Bulk-move prop311 and prop312 to 0.4.5

Note: See TracTickets for help on using tickets.