tor/changes/bug22753 at ce8e7427b9284ef12b69d50d72c8fc315b90e36d - mirrors/tor - RingTools

mirrors/tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-25 07:07:52 +01:00

Nick Mathewson 665baf5ed5 Consider the exit family when applying guard restrictions.

When the new path selection logic went into place, I accidentally
dropped the code that considered the _family_ of the exit node when
deciding if the guard was usable, and we didn't catch that during
code review.

This patch makes the guard_restriction_t code consider the exit
family as well, and adds some (hopefully redundant) checks for the
case where we lack a node_t for a guard but we have a bridge_info_t
for it.

Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2016-006
and CVE-2017-0377.

2017-06-29 09:57:00 -04:00

7 lines

359 B

Text

Raw Blame History

   o Major bugfixes (path selection, security):
     - When choosing which guard to use for a circuit, avoid the
       exit's family along with the exit itself. Previously, the new
       guard selection logic avoided the exit, but did not consider
       its family.  Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked
       as TROVE-2016-006 and CVE-2017-0377.