authorMike Perry <mikeperry-git@fscked.org>2012-09-17 18:45:10 -0700
committerNick Mathewson <nickm@torproject.org>2012-09-18 16:21:35 -0400
commitacda1735fd62a8e2c90d6525049bc583f6049940 (patch)
treeb60707c7c01305f80ad1ab720c2208366ed32635 /src/or
parent704fd8bb020bda2886eebd7c0b4a6192d4a6717c (diff)
Disable Guard usage for Tor2webMode.
Tor2webMode is fingerprintable by hidden services through repeated usage of the same three guard nodes for its rend and intro points.
Diffstat (limited to 'src/or')
-rw-r--r--src/or/config.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 4557853cec..c77f7fbeea 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2522,6 +2522,22 @@ options_validate(or_options_t *old_options, or_options_t *options,
options->LearnCircuitBuildTimeout = 0;
}
+ if (options->Tor2webMode && options->UseEntryGuards) {
+ /* Tor2WebMode is incompatible with EntryGuards in two ways:
+ *
+ * - Tor2WebMode uses its guard nodes as rend and intro points.
+ * This makes tor2web users fingerprintable by their continued
+ * selection of the same 3 nodes for these circuits (their guard
+ * nodes).
+ *
+ * - Tor2WebMode makes unexpected use of circuit path lengths
+ * in ways that prevent us from applying the PathBias defense.
+ */
+ log_notice(LD_CONFIG,
+ "Tor2WebMode is enabled; disabling UseEntryGuards.");
+ options->UseEntryGuards = 0;
+ }
+
if (!(options->LearnCircuitBuildTimeout) &&
options->CircuitBuildTimeout < RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT) {
log_warn(LD_CONFIG,
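Review bot: The added notice `"Tor2WebMode is enabled; disabling UseEntryGuards."` spells the option differently from the field the condition tests (`options->Tor2webMode`), and the new comment uses the same spelling, so an operator searching the torrc or manual for the logged name may not match it exactly. The message also overrides a setting without giving the reason; `"Tor2webMode is enabled; disabling UseEntryGuards because reusing the same guards makes this client fingerprintable."` would make the log line self-explanatory. The comment lists why guards are harmful here but not what is given up, and a line such as `* Note: with guards off, entry hops are no longer pinned to a small fixed set.` would stop a later reader from treating the override as cost-free. options_validate starts and ends outside the hunk, so it is not visible whether any later check in the function reads UseEntryGuards after this override; that is worth confirming.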