torcontrol: Use the default/standard network port for Tor hidden services, even if the internal port is set differently #15651
pull luke-jr wants to merge 1 commits into bitcoin:master from luke-jr:tor_standard_port changing 1 files +4 −4
-
luke-jr commented at 5:47 am on March 23, 2019: member
Currently, the hidden service is published on the same port as the public listening port. But if a non-standard port is configured, this can be used to guess (pretty reliably) that the public IP and the hidden service are the same node.
-
fanquake added the label P2P on Mar 23, 2019
-
DrahtBot commented at 6:11 am on March 23, 2019: member
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.
Conflicts
No conflicts as of last run.
-
torcontrol: Use the default/standard network port for Tor hidden services, even if the internal port is set differently
Currently, the hidden service is published on the same port as the public listening port. But if a non-standard port is configured, this can be used to guess (pretty reliably) that the public IP and the hidden service are the same node.
-
luke-jr force-pushed on Mar 23, 2019
-
practicalswift commented at 3:16 pm on March 23, 2019: contributor
Concept ACK
Are there additional decloaking vectors that could be worth fixing?
-
gmaxwell commented at 11:37 pm on March 23, 2019: contributor
This sounds okay to me but it will remain trivial to link HS nodes with their non-HS addresses, we should document that clearly. (for example, hand a node an orphan txn on one identity then observe that it won’t getdata the same txid on another)
-
practicalswift commented at 10:48 am on March 25, 2019: contributor
utACK 8a2656702b4b5d53d1b8343c3215302e4305a038
-
naumenkogs commented at 7:30 pm on March 25, 2019: member
utACK 8a26567
-
MarcoFalke commented at 7:42 pm on March 25, 2019: member
Would there be any reason to make it user-configurable? Could the port collide with something else? Does this need release notes?
-
luke-jr commented at 10:19 am on April 4, 2019: member
@MarcoFalke This is only for the dedicated hidden service we create, so no, nothing else can use it.
The only reason for release notes would be if the privacy leak is serious enough to warrant an advisory; but IIRC this is only one of multiple ways to tie a Tor node to a clearnet node, so probably not.
-
laanwj commented at 3:28 pm on June 18, 2019: member
I think this is fine.
There will be a slight service interruption due to this due to the new address needing to be propagated, but always using the “standard” virtual port by default makes perfect sense, there’s no resource contention in Tor and need to deviate from that.
I don’t think release notes are necessary.
The user can already configure it by setting up their own Tor hidden service. I don’t think it’s worth adding an option for it.
utACK 8a2656702b4b5d53d1b8343c3215302e4305a038
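-
An added example, not part of the original thread or of Bitcoin Core's code: for operators who set up their own hidden service in torrc, as the comment above mentions, this script flags `HiddenServicePort` lines that forward to the node's P2P port but publish a virtual port other than the network default. The torrc sample and the listen port 8444 are constructed for illustration; 8333 is Bitcoin's mainnet default P2P port.

```python
DEFAULT_P2P_PORT = 8333  # Bitcoin mainnet default P2P port

# Constructed sample torrc (not taken from the thread).
SAMPLE_TORRC = """\
HiddenServiceDir /var/lib/tor/bitcoin-a/
HiddenServicePort 8444 127.0.0.1:8444   # mirrors the non-standard clearnet port
HiddenServiceDir /var/lib/tor/bitcoin-b/
HiddenServicePort 8333 127.0.0.1:8444   # standard virtual port, internal port differs
HiddenServiceDir /var/lib/tor/web/
HiddenServicePort 80 127.0.0.1:8080     # unrelated service
"""

def parse_hidden_service_ports(torrc_text):
    """Return (line_no, virtual_port, target_port) per HiddenServicePort line."""
    entries = []
    for line_no, raw in enumerate(torrc_text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2 or fields[0].lower() != "hiddenserviceport":
            continue
        virt = int(fields[1])
        target = fields[2] if len(fields) > 2 else str(virt)
        if target.startswith("unix:"):
            continue  # Unix-socket targets have no TCP port to compare
        try:
            target_port = int(target.rsplit(":", 1)[-1])
        except ValueError:
            target_port = virt  # address given without a port: Tor reuses the virtual port
        entries.append((line_no, virt, target_port))
    return entries

def audit(torrc_text, listen_port, default_port=DEFAULT_P2P_PORT):
    """Flag onion services that forward to the node's P2P listen port but
    publish a virtual port other than the network default."""
    return [
        (line_no, virt)
        for line_no, virt, target_port in parse_hidden_service_ports(torrc_text)
        if target_port == listen_port and virt != default_port
    ]

if __name__ == "__main__":
    for line_no, virt in audit(SAMPLE_TORRC, listen_port=8444):
        print(f"torrc line {line_no}: onion service published on port {virt}, "
              f"expected {DEFAULT_P2P_PORT}")
```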
-
laanwj merged this on Jun 18, 2019
-
laanwj closed this on Jun 18, 2019
-
laanwj referenced this in commit 6c9d3c704f on Jun 18, 2019
-
sidhujag referenced this in commit 8ba243e50b on Jun 19, 2019
-
luke-jr referenced this in commit 602ad30a0b on Aug 23, 2019
-
fanquake referenced this in commit a2b207be7a on Aug 24, 2019
-
fanquake referenced this in commit f792b25d14 on Sep 23, 2019
-
laanwj referenced this in commit 29d70264fb on Nov 25, 2019
-
jasonbcox referenced this in commit c63ec5c0b0 on Nov 11, 2020
-
PastaPastaPasta referenced this in commit 81776d4f0b on Jun 25, 2021
-
PastaPastaPasta referenced this in commit ae7c62d0ee on Jun 25, 2021
-
PastaPastaPasta referenced this in commit 4b32b68724 on Jun 25, 2021
-
PastaPastaPasta referenced this in commit 7f012a777b on Jun 26, 2021
-
DrahtBot locked this on Dec 16, 2021
This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-18 18:12 UTC