<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 9 Nov 2015, at 18:56, Matthew Finkel <<a href="mailto:matthew.finkel@gmail.com" class="">matthew.finkel@gmail.com</a>> wrote:</div><div class=""><div class=""><br class="">Which version of Tor were you previously running? Have you seen these<br class="">messages within the last few days, after you upgraded?<br class=""><br class=""></div></div></blockquote><div><br class=""></div><div>Hi SiNA, Matthew,</div><div><br class=""></div><div>I can reproduce some unusual behaviour from Faravahar simply using wget.</div><div>It seems that a web cache in front of Faravahar's dirport might be misbehaving.</div><div><br class=""></div><div>*Exit Notice - Reproducible Incorrect X-Your-Address-Is*</div><div><br class=""></div><div>I just retrieved the Faravahar "exit notice" from a US AWS address, then a few seconds later made a query from an Australian home IP address.</div><div><br class=""></div><div>Both queries returned the US AWS address in X-Your-Address-Is.</div><div>(A previous query from the Australian address a few minutes beforehand had the correct address.)</div><div><br class=""></div><div>I can reproduce this behaviour: whichever query starts first is the one whose IP address gets recorded.</div><div><br class=""></div><div>Subsequent queries get the same IP address for several tens of seconds afterwards.</div><div><br class=""></div><div>I'm using:</div><div>wget --save-headers <a href="http://154.35.175.225/" class="">http://154.35.175.225/</a></div><div><br class=""></div><div>The headers I see look like:</div><div><br class=""></div><div>HTTP/1.0 200 OK<br class="">Age: 976 <br class="">Date: Mon, 09 Nov 2015 08:35:20 GMT<br class="">Expires: Mon, 09 Nov 2015 08:55:20 GMT<br class="">Connection: Keep-Alive<br class="">ETag: "KXJDGONEHLPTLKVYRY"<br class="">Content-Type: text/html<br class="">X-Your-Address-Is: <not my IP address><br class="">Content-Encoding: identity<br class="">Content-Length: 38126</div><div><br class=""></div><div><div>*Directory Documents - Once-Off Header Corruption*</div><br class="">This caching behaviour isn't reproducible with the actual documents, but I did see one instance of corrupted headers:</div><div>* Content-Length is misspelt Xontent-Length,</div><div>* Connection and ETag are present, but they're not typically present in the headers of other directory documents from Faravahar.</div><div>* Expires is in the location it would typically be in for the exit notice (after Date), not the directory documents (last, after Content-Encoding)</div><div><br class=""></div><div><div>wget --save-headers <a href="http://154.35.175.225/tor/status-vote/current/consensus-ns" class="">http://154.35.175.225/tor/status-vote/current/consensus-ns</a></div><div><br class=""></div><div>HTTP/1.0 200 OK<br class="">Age: 975 <br class="">Date: Mon, 09 Nov 2015 08:43:32 GMT<br class="">Expires: Mon, 09 Nov 2015 09:00:00 GMT<br class="">Xontent-Length: <br class="">Connection: Close <br class="">ETag: "KXJDGONEHLSKRWTYRY"<br class="">Content-Type: text/plain<br class="">X-Your-Address-Is: 180.200.153.214<br class="">Content-Encoding: identity<br class=""></div></div><div><br class=""></div><div>The second download with exactly the same URL did not contain [C|X]ontent-Length, Connection, or ETag.</div><div><br class=""></div><div>It's probably worth mentioning that similar queries to other directory authorities do not show the same behaviour.</div><div><br class=""></div><div>Tim</div></div><br class=""><div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Tim Wilson-Brown (teor)</div><div style="color: rgb(0, 0, 0); letter-spacing: normal; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""></div><div style="orphans: auto; text-align: start; text-indent: 0px; widows: auto; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">teor2345 at gmail dot com<br class="">PGP 968F094B<br class=""><br class="">teor at blah dot im<br class="">OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F</div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>
<br class=""></body></html>