#34004: Support for full DNS and DNSSEC resolution --------------------------+------------------------ Reporter: chrisss404 | Owner: (none) Type: enhancement | Status: new Priority: Medium | Milestone: Component: Core Tor/Tor | Version: Severity: Major | Resolution: Keywords: DNS, DNSSEC | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------+------------------------
Comment (by chrisss404): I added the implementation here: https://github.com/torproject/tor/pull/1869 For the DNS connections I introduced a new session group: SESSION_GROUP_DNS_LOOKUP https://github.com/torproject/tor/blob/153f81f340ea84bc5df7471b2d0a7bfbf3ad318c/src/core/or/or.h#L990 Then I setup the connection as follows: dns_conn->entry_cfg.session_group = SESSION_GROUP_DNS_LOOKUP; dns_conn->entry_cfg.isolation_flags = ISO_DEFAULT; dns_conn->entry_cfg.ipv4_traffic = 1; dns_conn->entry_cfg.ipv6_traffic = 1; dns_conn->entry_cfg.dns_request = 0; dns_conn->entry_cfg.onion_traffic = 1; dns_conn->entry_cfg.use_cached_ipv4_answers = 0; dns_conn->entry_cfg.use_cached_ipv6_answers = 0; https://github.com/torproject/tor/blob/153f81f340ea84bc5df7471b2d0a7bfbf3ad318c/src/core/or/dns_resolver.c#L458 Can you please help me to determine if this approach is prone to correlation attacks? -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34004#comment:2> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs