nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 13:06:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
mirror repository of the tor core protocol in case of issues
35,140 Commits 53 Branches 629 Tags 108 MiB
C 94.4%
Python 1.5%
C++ 1.1%
Shell 1.1%
M4 0.9%
Other 0.8%
f5c9f6d432
Go to file
David Goulet f5c9f6d432 hs: Don't overwrite DoS parameters on circuit with consensus params 
Turns out that the HS DoS defenses parameters were overwritten by the
consensus parameters everytime a new consensus would arrive.

This means that a service operator can still enable the defenses but as soon
as the intro point relay would get a new consensus, they would be overwritten.
And at this commit, the network is entirely disabling DoS defenses.

Fix this by introducing an "explicit" flag that indicate if the
ESTABLISH_INTRO cell DoS extension set those parameters or not. If set, avoid
using the consenus at once.

We are not bumping the protover HSIntro value for this because 0.4.2.x series
is EOL in 1 month and thus 0.4.3.x would be the only series with this bug. We
are confident that a backport and then upgrade path to the latest 0.4.4.x
stable coming up soon is enough to mitigate this problem in the coming months.

It avoids the upgrade path on the service side by keeping the requirement for
protover HSIntro=5.

Fixes #40109

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-08-19 09:47:34 -04:00
changes hs: Don't overwrite DoS parameters on circuit with consensus params 2020-08-19 09:47:34 -04:00
contrib Bump to 0.4.3.6-dev 2020-07-09 13:15:15 -04:00
doc Man page: MinUptimeHidServDirectoryV2 defaults to 96 hours 2020-05-23 04:37:57 -04:00
m4 Print summary at the end of the configure script 2019-10-17 10:08:34 -04:00
scripts Merge branch 'maint-0.4.2' into maint-0.4.3 2020-08-12 20:21:04 -04:00
src hs: Don't overwrite DoS parameters on circuit with consensus params 2020-08-19 09:47:34 -04:00
.appveyor.yml CI: Remove VS2015 AppVeyor build. 2020-08-12 14:05:21 +03:00
.editorconfig Add .editorconfig to follow coding standards style 2018-06-17 19:24:40 -04:00
.gitignore Move unit-parsing code to src/lib/confmgt 2019-06-24 15:11:57 -04:00
.gitlab-ci.yml Improve comments in .gitlab-ci.yml 2020-08-12 20:20:58 -04:00
.gitmodules Update the .gitmodules to refer to project-level tor-rust-dependencies 2018-02-21 11:53:04 -05:00
.travis.yml Merge branch 'maint-0.3.5' into maint-0.4.2 2020-06-12 12:55:41 -04:00
acinclude.m4 Bump copyright date to 2019 2019-01-16 12:33:22 -05:00
autogen.sh Cleanup shellcheck warnings in autogen.sh 2019-01-18 13:49:30 +02:00
ChangeLog Correction to changelog from dgoulet 2020-02-10 15:02:32 -05:00
CODE_OF_CONDUCT Add CODE_OF_CONDUCT file 2018-07-05 11:22:33 +03:00
config.rust.in Make the rust tests link. 2018-07-31 19:46:00 -04:00
configure.ac Bump to 0.4.3.6-dev 2020-07-09 13:15:15 -04:00
CONTRIBUTING improve a URL 2018-05-11 18:00:30 -04:00
Doxyfile.in Doxyfile: skip CHECK_PRINTF() 2019-12-08 22:40:00 -06:00
INSTALL Remove old instructions from INSTALL 2018-07-03 16:34:52 +03:00
LICENSE clarify that tor's license is free software 2019-08-23 21:52:33 -04:00
Makefile.am Merge branch 'maint-0.4.2' into maint-0.4.3 2020-08-12 12:29:17 -04:00
Makefile.nmake Clean up the MVSC nmake files so they work again. 2014-09-09 10:27:05 -04:00
README doc: Put the release timeline link in README 2017-11-08 10:44:00 -05:00
ReleaseNotes Fix a changelog typo 2020-01-30 12:56:06 -05:00
warning_flags.in Try @warning_flags to avoid bloating verbose make logs 2018-12-21 10:00:23 -05:00

README 

Tor protects your privacy on the internet by hiding the connection
between your Internet address and the services you use. We believe Tor
is reasonably secure, but please ensure you read the instructions and
configure it properly.

To build Tor from source:
        ./configure && make && make install

To build Tor from a just-cloned git repository:
        sh autogen.sh && ./configure && make && make install

Home page:
        https://www.torproject.org/

Download new versions:
        https://www.torproject.org/download/download.html

Documentation, including links to installation and setup instructions:
        https://www.torproject.org/docs/documentation.html

Making applications work with Tor:
        https://wiki.torproject.org/projects/tor/wiki/doc/TorifyHOWTO

Frequently Asked Questions:
        https://www.torproject.org/docs/faq.html


To get started working on Tor development:
        See the doc/HACKING directory.

Release timeline:
         https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases