Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Disable Guard usage for Tor2webMode.

Tor2webMode is fingerprintable by hidden services through repeated
usage of the same three guard nodes for its rend and intro points.
Mike Perry 11 years ago
parent
704fd8bb02
commit
acda1735fd
2 changed files with 20 additions and 0 deletions
Split View Show Diff Stats
  1. 4 0
      changes/bug6866
  2. 16 0
      src/or/config.c

+ 4 - 0
changes/bug6866
View File 

@@ -2,3 +2,7 @@
 
     - Convert an assert in the pathbias code to a log message. Assert
 
       appears to only be triggerable by Tor2Web mode. Fixes bug 6866;
 
       bugfix on 0.2.3.17-beta.
 
+    - Disable the use of Guard nodes when in Tor2WebMode. Guard usage
 
+      by Tor2Web clients allows hidden services to identity tor2web
 
+      clients through their repeated selection of the same rendezvous
 
+      and introduction point circuit endpoints (their guards).

+ 16 - 0
src/or/config.c
View File 

@@ -2522,6 +2522,22 @@ options_validate(or_options_t *old_options, or_options_t *options,
 
     options->LearnCircuitBuildTimeout = 0;
 
   }
 
 
+  if (options->Tor2webMode && options->UseEntryGuards) {
 
+    /* Tor2WebMode is incompatible with EntryGuards in two ways:
 
+     *
 
+     * - Tor2WebMode uses its guard nodes as rend and intro points.
 
+     *   This makes tor2web users fingerprintable by their continued
 
+     *   selection of the same 3 nodes for these circuits (their guard
 
+     *   nodes).
 
+     *
 
+     * - Tor2WebMode makes unexpected use of circuit path lengths
 
+     *   in ways that prevent us from applying the PathBias defense.
 
+     */
 
+    log_notice(LD_CONFIG,
 
+               "Tor2WebMode is enabled; disabling UseEntryGuards.");
 
+    options->UseEntryGuards = 0;
 
+  }
 
+
 
   if (!(options->LearnCircuitBuildTimeout) &&
 
         options->CircuitBuildTimeout < RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT) {
 
     log_warn(LD_CONFIG,