aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2021-02-01 21:43:41 -0500
committerDavid Goulet <dgoulet@torproject.org>2021-03-17 13:04:23 -0400
commit6de09642f06b8ee0da3e47e17b350aea6c7644a9 (patch)
treec7ec09dc185cee9aab8d54df81632d4eda0c2abe
parent29f07a4e9d2e7cd061e696f673c42e00885ec231 (diff)
downloadtor-6de09642f06b8ee0da3e47e17b350aea6c7644a9.tar.gz
tor-6de09642f06b8ee0da3e47e17b350aea6c7644a9.zip
warn and reject reentering streams at client too
Clients now check whether their streams are attempting to re-enter the Tor network (i.e. to send Tor traffic over Tor), and they close them preemptively if they think exit relays will refuse them. See bug 2667 for details. Resolves ticket 40271.
-rw-r--r--changes/ticket402715
-rw-r--r--src/core/or/connection_edge.c20
2 files changed, 25 insertions, 0 deletions
diff --git a/changes/ticket40271 b/changes/ticket40271
new file mode 100644
index 0000000000..a977be75e1
--- /dev/null
+++ b/changes/ticket40271
@@ -0,0 +1,5 @@
+ o Minor features (client):
+ - Clients now check whether their streams are attempting to re-enter
+ the Tor network (i.e. to send Tor traffic over Tor), and they close
+ them preemptively if they think exit relays will refuse them. See
+ ticket 2667 for details. Close ticket 40271.
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index 7e0f51428a..b89f3336dc 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -163,6 +163,7 @@ static int connection_ap_process_natd(entry_connection_t *conn);
static int connection_exit_connect_dir(edge_connection_t *exitconn);
static int consider_plaintext_ports(entry_connection_t *conn, uint16_t port);
static int connection_ap_supports_optimistic_data(const entry_connection_t *);
+static bool network_reentry_is_allowed(void);
/**
* Cast a `connection_t *` to an `edge_connection_t *`.
@@ -2401,6 +2402,25 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
* address. */
conn->entry_cfg.ipv6_traffic = 0;
}
+
+ /* Next, yet another check: we know it's a direct IP address. Is it
+ * the IP address of a known relay and its ORPort, or of a directory
+ * authority and its OR or Dir Port? If so, and if a consensus param
+ * says to, then exit relays will refuse this request (see ticket
+ * 2667 for details). Let's just refuse it locally right now, to
+ * save time and network load but also to give the user a more
+ * useful log message. */
+ if (!network_reentry_is_allowed() &&
+ nodelist_reentry_contains(&addr, socks->port)) {
+ log_warn(LD_APP, "Not attempting connection to %s:%d because "
+ "the network would reject it. Are you trying to send "
+ "Tor traffic over Tor? This traffic can be harmful to "
+ "the Tor network. If you really need it, try using "
+ "a bridge as a workaround.",
+ safe_str_client(socks->address), socks->port);
+ connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
+ return -1;
+ }
}
}