tor-commits February 2021

tor-commits@lists.torproject.org

19 participants
1772 discussions

[sbws/maint-1.1] minor: scanner: move checking helper to methods
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 3d8cf6f801ab42a12d9efd58ba41e697c34b1ef9 Author: juga0 <juga(a)riseup.net> Date: Tue Feb 2 12:07:03 2021 +0000 minor: scanner: move checking helper to methods `helper` variable is only used to return error, therefore move it to the methods that create the path and return the error there. `our_nick` is not useful for the log, since it is always the same, but not removing it here. --- sbws/core/scanner.py | 27 ++++++++++----------------- 1 file changed, … [View More]10 insertions(+), 17 deletions(-) diff --git a/sbws/core/scanner.py b/sbws/core/scanner.py index 4ca7430..e18bddb 100644 --- a/sbws/core/scanner.py +++ b/sbws/core/scanner.py @@ -244,7 +244,7 @@ def _pick_ideal_second_hop(relay, dest, rl, cont, is_exit): return chosen -def error_no_helper(relay, dest, our_nick): +def error_no_helper(relay, dest, our_nick=""): reason = 'Unable to select a second relay' log.debug(reason + ' to help measure %s (%s)', relay.fingerprint, relay.nickname) @@ -255,25 +255,24 @@ def error_no_helper(relay, dest, our_nick): def create_path_relay_as_entry(relay, dest, rl, cb): - circ_fps = nicknames = [] helper = _pick_ideal_second_hop( relay, dest, rl, cb.controller, is_exit=True) if not helper: - return error_no_helper(relay, dest, our_nick) + return error_no_helper(relay, dest) circ_fps = [relay.fingerprint, helper.fingerprint] nicknames = [relay.nickname, helper.nickname] return helper, circ_fps, nicknames def create_path_relay_as_exit(relay, dest, rl, cb): - circ_fps = nicknames = [] helper = _pick_ideal_second_hop( relay, dest, rl, cb.controller, is_exit=False) - if helper: - circ_fps = [helper.fingerprint, relay.fingerprint] - # stored for debugging - nicknames = [helper.nickname, relay.nickname] - return helper, circ_fps, nicknames + if not helper: + return error_no_helper(relay, dest) + circ_fps = [helper.fingerprint, relay.fingerprint] + # stored for debugging + nicknames = [helper.nickname, relay.nickname] + return circ_fps, nicknames def measure_relay(args, conf, destinations, cb, rl, relay): @@ -324,16 +323,10 @@ def measure_relay(args, conf, destinations, cb, rl, relay): # Pick a relay to help us measure the given relay. If the given relay is an # exit, then pick a non-exit. Otherwise pick an exit. - helper = None - circ_fps = None if relay.is_exit_not_bad_allowing_port_all_ips(dest.port): - helper, circ_fps, nicknames = create_path_relay_as_exit( - relay, dest, rl, cb) + circ_fps, nicknames = create_path_relay_as_exit(relay, dest, rl, cb) else: - helper, circ_fps, nicknames = create_path_relay_as_entry( - relay, dest, rl, cb) - if not helper: - return error_no_helper(relay, dest, our_nick) + circ_fps, nicknames = create_path_relay_as_entry(relay, dest, rl, cb) # Build the circuit circ_id, reason = cb.build_circuit(circ_fps) [View Less]

1 0

[sbws/maint-1.1] fix: relaylist: Remove duplicated can exit methods
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit cd9f82fbbe6ec4205fa3c8695cd277a03da39833 Author: juga0 <juga(a)riseup.net> Date: Mon Feb 8 15:04:58 2021 +0000 fix: relaylist: Remove duplicated can exit methods After refactoring and making clear when we were using exit(s) that can exit to all public IPs (and a port) or only some, refactor them removing the duplicated code and adding the `strict` argument. --- sbws/core/scanner.py | 8 ++-- sbws/lib/relaylist.py | … [View More]64 +++++++++++-------------------- tests/integration/lib/test_destination.py | 6 +-- 3 files changed, 29 insertions(+), 49 deletions(-) diff --git a/sbws/core/scanner.py b/sbws/core/scanner.py index 1499264..903f09f 100644 --- a/sbws/core/scanner.py +++ b/sbws/core/scanner.py @@ -215,7 +215,7 @@ def _pick_ideal_second_hop(relay, dest, rl, cont, is_exit): # In the case that a concrete exit can't exit to the Web server, it is not # a problem since the relay will be measured in the next loop with other # random exit. - candidates = rl.exits_not_bad_allowing_port_some_ips(dest.port) \ + candidates = rl.exits_not_bad_allowing_port(dest.port) \ if is_exit else rl.non_exits if not len(candidates): return None @@ -340,7 +340,7 @@ def measure_relay(args, conf, destinations, cb, rl, relay): # exit, then pick a non-exit. Otherwise pick an exit. # Instead of ensuring that the relay can exit to all IPs, try first with # the relay as an exit, if it can exit to some IPs. - if relay.is_exit_not_bad_allowing_port_some_ips(dest.port): + if relay.is_exit_not_bad_allowing_port(dest.port): circ_fps, nicknames = create_path_relay_as_exit(relay, dest, rl, cb) else: circ_fps, nicknames = create_path_relay_as_entry(relay, dest, rl, cb) @@ -365,7 +365,7 @@ def measure_relay(args, conf, destinations, cb, rl, relay): # to the Web server, try again using it as entry, to avoid that it would # always fail when there's only one Web server. if not is_usable and \ - relay.is_exit_not_bad_allowing_port_all_ips(dest.port): + relay.is_exit_not_bad_allowing_port(dest.port): log.info( "Exit %s (%s) that can't exit all ips failed to connect to " " %s via circuit %s (%s). Trying again with it as entry.", @@ -377,7 +377,7 @@ def measure_relay(args, conf, destinations, cb, rl, relay): "Exit %s (%s) that can't exit all ips, failed to create " " circuit as entry: %s (%s).", relay.fingerprint, relay.nickname, circ_fps, nicknames) - return error_no_circuit(relay, circ_fps, nicknames, reason, dest, + return error_no_circuit(circ_fps, nicknames, reason, relay, dest, our_nick) log.debug('Built circuit with path %s (%s) to measure %s (%s)', diff --git a/sbws/lib/relaylist.py b/sbws/lib/relaylist.py index 3ff1f73..9c6d12a 100644 --- a/sbws/lib/relaylist.py +++ b/sbws/lib/relaylist.py @@ -178,21 +178,32 @@ class Relay: """Number of times the relay was in a conensus.""" return len(self.relay_in_recent_consensus) - def can_exit_to_port_all_ips(self, port): + def can_exit_to_port(self, port, strict=False): """ Returns True if the relay has an exit policy and the policy accepts - exiting to the given portself or False otherwise. + exiting to the given port or False otherwise. + + If ``strict`` is true, it only returns the exits that can exit to all + IPs and that port. The exits that are IPv6 only or IPv4 but rejecting some public networks will return false. On July 2020, there were 67 out of 1095 exits like this. + + If ``strict`` is false, it returns any exit that can exit to some + public IPs and that port. + + Note that the EXIT flag exists when the relay can exit to 443 **and** + 80. Currently all Web servers are using 443, so it would not be needed + to check the EXIT flag too, using this function. + """ assert isinstance(port, int) # if dind't get the descriptor, there isn't exit policy # When the attribute is gotten in getattr(self._desc, "exit_policy"), # is possible that stem's _input_rules is None and raises an exception # (#29899): - # File "/usr/lib/python3/dist-packages/sbws/lib/relaylist.py", line 117, in can_exit_to_port_all_ips # noqa + # File "/usr/lib/python3/dist-packages/sbws/lib/relaylist.py", line 117, in can_exit_to_port # noqa # if not self.exit_policy: # File "/usr/lib/python3/dist-packages/stem/exit_policy.py", line 512, in __len__ # noqa # return len(self._get_rules()) @@ -202,50 +213,23 @@ class Relay: # Therefore, catch the exception here. try: if self.exit_policy: - # Using `strict` to ensure it can exit to ALL domains - # and ips and that port. See #40006. # Using `strip_private` to ignore reject rules to private # networks. - # We could increase the chances that the exit can exit - # checking IPv6 with: - # ``or self.exit_policy_v6.can_exit_to(port=443, strict=True)`` - # But if it can still not exit to our Web server, then we - # should retry to measure it as entry. - return ( - self.exit_policy.strip_private() - .can_exit_to(port=port, strict=True) - ) - except TypeError: - return False - return False - - def can_exit_to_port_some_ips(self, port): - """ - Returns True if the relay has an exit policy and the policy accepts - exiting to the given port and some public IPs or False otherwise. - """ - assert isinstance(port, int) - try: - if self.exit_policy: - # Not using argument `strict`, to know whether it can exit - # some public IPs, though not all. + # When ``strict`` is true, We could increase the chances that + # the exit can exit via IPv6 too (``exit_policy_v6``). However, + # in theory that is only known using microdescriptors. return ( self.exit_policy.strip_private() - .can_exit_to(port=port) + .can_exit_to(port=port, strict=strict) ) except TypeError: return False return False - def is_exit_not_bad_allowing_port_all_ips(self, port): + def is_exit_not_bad_allowing_port(self, port, strict=False): return (Flag.BADEXIT not in self.flags and Flag.EXIT in self.flags and - self.can_exit_to_port_all_ips(port)) - - def is_exit_not_bad_allowing_port_some_ips(self, port): - return (Flag.BADEXIT not in self.flags and - Flag.EXIT in self.flags and - self.can_exit_to_port_some_ips(port)) + self.can_exit_to_port(port, strict)) def increment_relay_recent_measurement_attempt(self): """ @@ -476,13 +460,9 @@ class RelayList: """Number of times a new consensus was obtained.""" return len(self._recent_consensus) - def exits_not_bad_allowing_port_all_ips(self, port): - return [r for r in self.exits - if r.is_exit_not_bad_allowing_port_all_ips(port)] - - def exits_not_bad_allowing_port_some_ips(self, port): + def exits_not_bad_allowing_port(self, port, strict=False): return [r for r in self.exits - if r.is_exit_not_bad_allowing_port_some_ips(port)] + if r.is_exit_not_bad_allowing_port(port, strict)] def increment_recent_measurement_attempt(self): """ diff --git a/tests/integration/lib/test_destination.py b/tests/integration/lib/test_destination.py index d305b0e..98ed89f 100644 --- a/tests/integration/lib/test_destination.py +++ b/tests/integration/lib/test_destination.py @@ -26,7 +26,7 @@ def test_connect_to_destination_over_circuit_success(persistent_launch_tor, relay = [r for r in rl.relays if r.nickname == 'relay1mbyteMAB'][0] # Choose an exit, for this test it does not matter the bandwidth - helper = rl.exits_not_bad_allowing_port_some_ips(destination.port)[0] + helper = rl.exits_not_bad_allowing_port(destination.port)[0] circuit_path = [relay.fingerprint, helper.fingerprint] # build a circuit circuit_id, _ = cb.build_circuit(circuit_path) @@ -46,7 +46,7 @@ def test_connect_to_destination_over_circuit_fail(persistent_launch_tor, relay = [r for r in rl.relays if r.nickname == 'relay1mbyteMAB'][0] # Choose an exit, for this test it does not matter the bandwidth - helper = rl.exits_not_bad_allowing_port_some_ips(bad_destination.port)[0] + helper = rl.exits_not_bad_allowing_port(bad_destination.port)[0] circuit_path = [relay.fingerprint, helper.fingerprint] # Build a circuit. circuit_id, _ = cb.build_circuit(circuit_path) @@ -75,7 +75,7 @@ def test_functional_destinations(conf, cb, rl, persistent_launch_tor): relay = [r for r in rl.relays if r.nickname == 'relay1mbyteMAB'][0] # Choose an exit, for this test it does not matter the bandwidth - helper = rl.exits_not_bad_allowing_port_some_ips(bad_destination.port)[0] + helper = rl.exits_not_bad_allowing_port(bad_destination.port)[0] circuit_path = [relay.fingerprint, helper.fingerprint] # Build a circuit. circuit_id, _ = cb.build_circuit(circuit_path) [View Less]

1 0

[sbws/maint-1.1] fix:scanner: Move as_entry/as_exit into one function
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 8846c32a500515fc3d5d094a6ff5b0777f2c30fb Author: juga0 <juga(a)riseup.net> Date: Tue Feb 9 12:57:36 2021 +0000 fix:scanner: Move as_entry/as_exit into one function since they're similar code --- sbws/core/scanner.py | 39 +++++++++++++++++++-------------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/sbws/core/scanner.py b/sbws/core/scanner.py index 40e3093..97829f4 100644 --- a/sbws/core/scanner.py +++ b/sbws/core/scanner.py @@ -266,25 +266,… [View More]24 @@ def error_no_helper(relay, dest, our_nick=""): ] -def create_path_relay_as_entry(relay, dest, rl, cb): - helper = _pick_ideal_second_hop( - relay, dest, rl, cb.controller, is_exit=True) - if not helper: - return error_no_helper(relay, dest) - circ_fps = [relay.fingerprint, helper.fingerprint] - nicknames = [relay.nickname, helper.nickname] - return circ_fps, nicknames, helper.exit_policy - - -def create_path_relay_as_exit(relay, dest, rl, cb): - helper = _pick_ideal_second_hop( - relay, dest, rl, cb.controller, is_exit=False) +def create_path_relay(relay, dest, rl, cb, relay_as_entry=True): + if relay_as_entry: + helper = _pick_ideal_second_hop( + relay, dest, rl, cb.controller, is_exit=True) + else: + helper = _pick_ideal_second_hop( + relay, dest, rl, cb.controller, is_exit=False) if not helper: return error_no_helper(relay, dest) - circ_fps = [helper.fingerprint, relay.fingerprint] - # stored for debugging - nicknames = [helper.nickname, relay.nickname] - return circ_fps, nicknames, relay.exit_policy + if relay_as_entry: + circ_fps = [relay.fingerprint, helper.fingerprint] + nicknames = [relay.nickname, helper.nickname] + exit_policy = helper.exit_policy + else: + circ_fps = [helper.fingerprint, relay.fingerprint] + nicknames = [helper.nickname, relay.nickname] + exit_policy = relay.exit_policy + return circ_fps, nicknames, exit_policy def error_no_circuit(circ_fps, nicknames, reason, relay, dest, our_nick): @@ -348,10 +347,10 @@ def measure_relay(args, conf, destinations, cb, rl, relay): # the relay as an exit, if it can exit to some IPs. if relay.is_exit_not_bad_allowing_port(dest.port): circ_fps, nicknames, exit_policy = \ - create_path_relay_as_exit(relay, dest, rl, cb) + create_path_relay(relay, dest, rl, cb, relay_as_entry=False) else: circ_fps, nicknames, exit_policy = \ - create_path_relay_as_entry(relay, dest, rl, cb) + create_path_relay(relay, dest, rl, cb) # Build the circuit circ_id, reason = cb.build_circuit(circ_fps) @@ -380,7 +379,7 @@ def measure_relay(args, conf, destinations, cb, rl, relay): "with it as entry.", relay.fingerprint, relay.nickname, exit_policy, dest.url, circ_fps, nicknames, usable_data) circ_fps, nicknames, exit_policy = \ - create_path_relay_as_entry(relay, dest, rl, cb) + create_path_relay(relay, dest, rl, cb) circ_id, reason = cb.build_circuit(circ_fps) if not circ_id: log.warning( [View Less]

1 0

[sbws/maint-1.1] fix: scanner: remove relay to measure as helper
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 50377680448d66bc95a09fc5333da9465bd1b791 Author: juga0 <juga(a)riseup.net> Date: Mon Feb 8 16:24:11 2021 +0000 fix: scanner: remove relay to measure as helper --- sbws/core/scanner.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sbws/core/scanner.py b/sbws/core/scanner.py index c7ee1ee..40e3093 100644 --- a/sbws/core/scanner.py +++ b/sbws/core/scanner.py @@ -219,6 +219,12 @@ def _pick_ideal_second_hop(relay, dest, rl, cont, is_exit): if is_exit else rl.… [View More]

1 0

[sbws/maint-1.1] fix: doc: Add relay measure activity diagram
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 78c4091538493604e2d9749bc0e93bbb968d0b1a Author: juga0 <juga(a)riseup.net> Date: Wed Feb 3 12:05:49 2021 +0000 fix: doc: Add relay measure activity diagram --- docs/source/activity_measure.puml | 30 +++++++++++++++++++++++ docs/source/how_works.rst | 12 +++++++++- docs/source/images/activity_measure.svg | 42 +++++++++++++++++++++++++++++++++ 3 files changed, 83 insertions(+), 1 deletion(-) diff --git a/docs/source/activity_measure.puml b/docs/source/… [View More]activity_measure.puml new file mode 100644 index 0000000..f553cb1 --- /dev/null +++ b/docs/source/activity_measure.puml @@ -0,0 +1,30 @@ +@startuml + +start + +if (exit?) then (yes) + :[h, r]; +else (no) + :[r, h]; +endif +if (circuit?) then (yes) + :stream; + if (no stream and [h, r]) then (yes) + :[r, h] (r is exit); + if (circuit?) then (yes) + :stream; + else (no) + :WARN; + :ErrorCircuit; + endif + endif + if (no stream) then (yes) + :ErrorStream; + endif +else (no) + :ErrorCircuit; +endif + +stop + +@enduml diff --git a/docs/source/how_works.rst b/docs/source/how_works.rst index 24f8689..f4b1ae0 100644 --- a/docs/source/how_works.rst +++ b/docs/source/how_works.rst @@ -73,6 +73,16 @@ Measuring relays Source code: :func:`sbws.core.scanner.measure_relay` +Measuring a relay +~~~~~~~~~~~~~~~~~ + +.. image:: ./images/activity_measure.svg + :alt: activity measuring a relay + :height: 300px + :align: center + +Source code: :func:`sbws.core.scanner.measure_relay` + Selecting a second relay ~~~~~~~~~~~~~~~~~~~~~~~~ @@ -165,4 +175,4 @@ The bandwidth file format is defined in the bandwidth_file_spec_. .. _requests: http://docs.python-requests.org/ .. _peerflow: https://www.nrl.navy.mil/itd/chacs/sites/www.nrl.navy.mil.itd.chacs/files/p… .. _torflow_scaling: https://gitweb.torproject.org/torflow.git/tree/NetworkScanners/BwAuthority/… -.. _bandwidth_file_spec: https://gitweb.torproject.org/torspec.git/tree/bandwidth-file-spec.txt \ No newline at end of file +.. _bandwidth_file_spec: https://gitweb.torproject.org/torspec.git/tree/bandwidth-file-spec.txt diff --git a/docs/source/images/activity_measure.svg b/docs/source/images/activity_measure.svg new file mode 100644 index 0000000..a278ce7 --- /dev/null +++ b/docs/source/images/activity_measure.svg @@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentScriptType="application/ecmascript" contentStyleType="text/css" height="783px" preserveAspectRatio="none" style="width:337px;height:783px;" version="1.1" viewBox="0 0 337 783" width="337px" zoomAndPan="magnify"><defs><filter height="300%" id="fhkta1jkgebqi" width="300%" x="-1" y="-1"><feGaussianBlur result="blurOut" stdDeviation="2.0"/><feColorMatrix in="blurOut" result="blurOut2" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 .4 0"/><feOffset dx="4.0" dy="4.0" in="blurOut2" result="blurOut3"/><feBlend in="SourceGraphic" in2="blurOut3" mode="normal"/></filter></defs><g><ellipse cx="185.75" cy="20" fill="#000000" filter="url(#fhkta1jkgebqi)" rx="10" ry="10" style="stroke: none; stroke-width: 1.0;"/><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="172.75,50,198.75,50,210.75,62,198.75,74,172.75,74,160.75,62,172.75,50" sty le="stroke: #A80036; stroke-width: 1.5;"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="26" x="172.75" y="65.8081">exit?</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="20" x="140.75" y="59.4058">yes</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="14" x="210.75" y="59.4058">no</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="51" x="124.75" y="84"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="31" x="134.75" y="105.1387">[h, r]</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="51" x="195.75" y="84"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="31" x="205.75" y="105.1387">[r, h]</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="185.75,123.9688,197.75,135.9688,185.75,147.9688,173.75,135.9688,185.75,123.9688" style="stroke: #A80036; stroke-width: 1.5;"/><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="165.75,167.9688,205.75,167.9688,217.75,179.9688,205.75,191.9688,165.75,191.9688,153.75,179.9688,165.75,167.9688" style="stroke: #A80036; stroke-width: 1.5;"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="40" x="165.75" y="183.7769">circuit?</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="20" x="133.75" y="177.3745">yes</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="14" x="217.75" y="177.3745">no</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="1 2.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="64" x="58.5" y="201.9688"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="44" x="68.5" y="223.1074">stream</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="110" x="35.5" y="304.3398"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="90" x="45.5" y="325.4785">[r, h] (r is exit)</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="70.5,358.3086,110.5,358.3086,122.5,370.3086,110.5,382.3086,70.5,382.3086,58.5,370.3086,70.5,358.3086" style="stroke: #A80036; stroke-width: 1.5;"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="40" x="70.5" y="374.1167">circuit?</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAn dGlyphs" textLength="20" x="38.5" y="367.7144">yes</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="14" x="122.5" y="367.7144">no</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="64" x="10" y="392.3086"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="44" x="20" y="413.4473">stream</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="56" x="111" y="392.3086"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="36" x="121" y="413.4473">WARN</text><rect fill="#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="90" x="94" y="446.2773"/><text fill="#000000" font- family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="70" x="104" y="467.416">ErrorCircuit</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="90.5,486.2461,102.5,498.2461,90.5,510.2461,78.5,498.2461,90.5,486.2461" style="stroke: #A80036; stroke-width: 1.5;"/><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="32.5,255.9375,148.5,255.9375,160.5,267.9375,148.5,279.9375,32.5,279.9375,20.5,267.9375,32.5,255.9375" style="stroke: #A80036; stroke-width: 1.5;"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="20" x="94.5" y="290.1479">yes</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="116" x="32.5" y="271.7456">no stream and [h, r]</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="90.5,530.2461,102.5,542.2461,90.5,554.2461,78.5,542.2461,90.5,530.2461" style="stroke: #A80036; stroke-width: 1.5;"/><rect fill= "#FEFECE" filter="url(#fhkta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="96" x="42.5" y="622.6484"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="76" x="52.5" y="643.7871">ErrorStream</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="61,574.2461,120,574.2461,132,586.2461,120,598.2461,61,598.2461,49,586.2461,61,574.2461" style="stroke: #A80036; stroke-width: 1.5;"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="20" x="94.5" y="608.4565">yes</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacingAndGlyphs" textLength="59" x="61" y="590.0542">no stream</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="90.5,676.6172,102.5,688.6172,90.5,700.6172,78.5,688.6172,90.5,676.6172" style="stroke: #A80036; stroke-width: 1.5;"/><rect fill="#FEFECE" filter="url(#fh kta1jkgebqi)" height="33.9688" rx="12.5" ry="12.5" style="stroke: #A80036; stroke-width: 1.5;" width="90" x="236" y="201.9688"/><text fill="#000000" font-family="sans-serif" font-size="12" lengthAdjust="spacingAndGlyphs" textLength="70" x="246" y="223.1074">ErrorCircuit</text><polygon fill="#FEFECE" filter="url(#fhkta1jkgebqi)" points="185.75,706.6172,197.75,718.6172,185.75,730.6172,173.75,718.6172,185.75,706.6172" style="stroke: #A80036; stroke-width: 1.5;"/><ellipse cx="185.75" cy="761.6172" fill="#FFFFFF" filter="url(#fhkta1jkgebqi)" rx="11" ry="11" style="stroke: #000000; stroke-width: 1.0;"/><ellipse cx="185.75" cy="761.6172" fill="#000000" rx="6" ry="6" style="stroke: #7F7F7F; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="160.75" x2="150.25" y1="62" y2="62"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="150.25" x2="150.25" y1="62" y2="84"/><polygon fill="#A80036" points="146.25,74,150.25,84,154.25,74,150.25,78" style="stroke: #A80036; strok e-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="210.75" x2="221.25" y1="62" y2="62"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="221.25" x2="221.25" y1="62" y2="84"/><polygon fill="#A80036" points="217.25,74,221.25,84,225.25,74,221.25,78" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="150.25" x2="150.25" y1="117.9688" y2="135.9688"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="150.25" x2="173.75" y1="135.9688" y2="135.9688"/><polygon fill="#A80036" points="163.75,131.9688,173.75,135.9688,163.75,139.9688,167.75,135.9688" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="221.25" x2="221.25" y1="117.9688" y2="135.9688"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="221.25" x2="197.75" y1="135.9688" y2="135.9688"/><polygon fill="#A80036" points="207.75,131.9688,197.75,135.9688,207.75,139.9688,203.75,135.9688" style="stroke: #A80036; stroke -width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="185.75" x2="185.75" y1="30" y2="50"/><polygon fill="#A80036" points="181.75,40,185.75,50,189.75,40,185.75,44" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="139" x2="139" y1="426.2773" y2="446.2773"/><polygon fill="#A80036" points="135,436.2773,139,446.2773,143,436.2773,139,440.2773" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="58.5" x2="42" y1="370.3086" y2="370.3086"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="42" x2="42" y1="370.3086" y2="392.3086"/><polygon fill="#A80036" points="38,382.3086,42,392.3086,46,382.3086,42,386.3086" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="122.5" x2="139" y1="370.3086" y2="370.3086"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="139" x2="139" y1="370.3086" y2="392.3086"/><polygon fill="#A80036" points=" 135,382.3086,139,392.3086,143,382.3086,139,386.3086" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="42" x2="42" y1="426.2773" y2="498.2461"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="42" x2="78.5" y1="498.2461" y2="498.2461"/><polygon fill="#A80036" points="68.5,494.2461,78.5,498.2461,68.5,502.2461,72.5,498.2461" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="139" x2="139" y1="480.2461" y2="498.2461"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="139" x2="102.5" y1="498.2461" y2="498.2461"/><polygon fill="#A80036" points="112.5,494.2461,102.5,498.2461,112.5,502.2461,108.5,498.2461" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="338.3086" y2="358.3086"/><polygon fill="#A80036" points="86.5,348.3086,90.5,358.3086,94.5,348.3086,90.5,352.3086" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="279.9375" y2="304.3398"/><polygon fill="#A80036" points="86.5,294.3398,90.5,304.3398,94.5,294.3398,90.5,298.3398" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="160.5" x2="204" y1="267.9375" y2="267.9375"/><polygon fill="#A80036" points="200,397.293,204,407.293,208,397.293,204,401.293" style="stroke: #A80036; stroke-width: 1.5;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="204" x2="204" y1="267.9375" y2="542.2461"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="204" x2="102.5" y1="542.2461" y2="542.2461"/><polygon fill="#A80036" points="112.5,538.2461,102.5,542.2461,112.5,546.2461,108.5,542.2461" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="510.2461" y2="530.2461"/><polygon fill="#A80036" points="86.5,520.2461,90.5,530.2461,94.5,520.2461,90.5,524.2461" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="235.9375" y2="255.9375"/><polygon fill="#A80036" points="86.5,245.9375,90.5,255.9375,94.5,245.9375,90.5,249.9375" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="598.2461" y2="622.6484"/><polygon fill="#A80036" points="86.5,612.6484,90.5,622.6484,94.5,612.6484,90.5,616.6484" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="132" x2="148.5" y1="586.2461" y2="586.2461"/><polygon fill="#A80036" points="144.5,629.6328,148.5,639.6328,152.5,629.6328,148.5,633.6328" style="stroke: #A80036; stroke-width: 1.5;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="148.5" x2="148.5" y1="586.2461" y2="688.6172"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="148.5" x2="102.5" y1="688.6172" y2="688.6172"/><polygon fill="#A80036" points="112.5,684.6172,102.5,688.6172,112.5,69 2.6172,108.5,688.6172" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="656.6172" y2="676.6172"/><polygon fill="#A80036" points="86.5,666.6172,90.5,676.6172,94.5,666.6172,90.5,670.6172" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="554.2461" y2="574.2461"/><polygon fill="#A80036" points="86.5,564.2461,90.5,574.2461,94.5,564.2461,90.5,568.2461" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="153.75" x2="90.5" y1="179.9688" y2="179.9688"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="179.9688" y2="201.9688"/><polygon fill="#A80036" points="86.5,191.9688,90.5,201.9688,94.5,191.9688,90.5,195.9688" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="217.75" x2="281" y1="179.9688" y2="179.9688"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="281" x2="281" y1="179.9688" y2="201.9688"/><polygon fill="#A80036" points="277,191.9688,281,201.9688,285,191.9688,281,195.9688" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="90.5" y1="700.6172" y2="718.6172"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="90.5" x2="173.75" y1="718.6172" y2="718.6172"/><polygon fill="#A80036" points="163.75,714.6172,173.75,718.6172,163.75,722.6172,167.75,718.6172" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="281" x2="281" y1="235.9375" y2="718.6172"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="281" x2="197.75" y1="718.6172" y2="718.6172"/><polygon fill="#A80036" points="207.75,714.6172,197.75,718.6172,207.75,722.6172,203.75,718.6172" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="185.75" x2="185.75" y1="147.9688" y2="167.9688"/><polygon fill=" #A80036" points="181.75,157.9688,185.75,167.9688,189.75,157.9688,185.75,161.9688" style="stroke: #A80036; stroke-width: 1.0;"/><line style="stroke: #A80036; stroke-width: 1.5;" x1="185.75" x2="185.75" y1="730.6172" y2="750.6172"/><polygon fill="#A80036" points="181.75,740.6172,185.75,750.6172,189.75,740.6172,185.75,744.6172" style="stroke: #A80036; stroke-width: 1.0;"/></g></svg> \ No newline at end of file [View Less]

1 0

[sbws/maint-1.1] minor: scanner: Change logic creating the path
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 294fc29786c47fbffac62cbbebdfad3186906fe3 Author: juga0 <juga(a)riseup.net> Date: Tue Feb 2 13:07:57 2021 +0000 minor: scanner: Change logic creating the path When the relay is not an exit, instead of choosing exits that can exit to all IPs, try with exits that can exit to some IPs, since the relay will be measured again with a different exit in other loop. When the relay is an exit, instead of ensuring it can exit all IPs, try using it as exit … [View More]if it can exit to some IPs. If it fails connecting to the Web server, then try a 2nd time using it as entry to avoid that it will fail in all loops if there is only one Web server, cause it will be used again as an exit. Also, the helper exits don't need to be able to exit all IPs. When a helper exit fails to exit (maybe cause it can not exit to the Web sever IP), it's not a problem cause in a next loop other exit will be choosen. This change of logic also solves the bug where non exits were being used as exits, because we were trying to measure again a relay that was used as entry, because it could not exit all IPs, which includes also the non exits. Closes: #40041. --- sbws/core/scanner.py | 50 ++++++++++++++++++++++++------- tests/integration/lib/test_destination.py | 6 ++-- 2 files changed, 43 insertions(+), 13 deletions(-) diff --git a/sbws/core/scanner.py b/sbws/core/scanner.py index aa17452..1499264 100644 --- a/sbws/core/scanner.py +++ b/sbws/core/scanner.py @@ -209,8 +209,14 @@ def _pick_ideal_second_hop(relay, dest, rl, cont, is_exit): destination **dest**, pick a second relay that is or is not an exit according to **is_exit**. ''' - candidates = rl.exits_not_bad_allowing_port_all_ips(dest.port) if is_exit \ - else rl.non_exits + # 40041: Instead of using exits that can exit to all IPs, to ensure that + # they can make requests to the Web servers, try with the exits that + # allow some IPs, since there're more. + # In the case that a concrete exit can't exit to the Web server, it is not + # a problem since the relay will be measured in the next loop with other + # random exit. + candidates = rl.exits_not_bad_allowing_port_some_ips(dest.port) \ + if is_exit else rl.non_exits if not len(candidates): return None min_relay_bw = rl.exit_min_bw() if is_exit else rl.non_exit_min_bw() @@ -332,20 +338,20 @@ def measure_relay(args, conf, destinations, cb, rl, relay): # Pick a relay to help us measure the given relay. If the given relay is an # exit, then pick a non-exit. Otherwise pick an exit. - if relay.is_exit_not_bad_allowing_port_all_ips(dest.port): + # Instead of ensuring that the relay can exit to all IPs, try first with + # the relay as an exit, if it can exit to some IPs. + if relay.is_exit_not_bad_allowing_port_some_ips(dest.port): circ_fps, nicknames = create_path_relay_as_exit(relay, dest, rl, cb) else: circ_fps, nicknames = create_path_relay_as_entry(relay, dest, rl, cb) # Build the circuit circ_id, reason = cb.build_circuit(circ_fps) - if not circ_id and relay.fingerprint == circ_fps[0]: - # We detected that some exits fail to build circuits as 1st hop. - # If that's the case, try again using them as 2nd hop. - # We could reuse the helper, but it does not need to be an exit now, - # so choose other again. - create_path_relay_as_exit(relay, dest, rl, cb) - circ_id, reason = cb.build_circuit(circ_fps) + + # If the circuit failed to get created, bad luck, it will be created again + # with other helper. + # Here we won't have the case that an exit tried to build the circuit as + # entry and failed (#40029), cause not checking that it can exit all IPs. if not circ_id: return error_no_circuit(circ_fps, nicknames, reason, relay, dest, our_nick) @@ -354,6 +360,30 @@ def measure_relay(args, conf, destinations, cb, rl, relay): # Make a connection to the destination is_usable, usable_data = connect_to_destination_over_circuit( dest, circ_id, s, cb.controller, dest._max_dl) + + # In the case that the relay was used as an exit, but could not exit + # to the Web server, try again using it as entry, to avoid that it would + # always fail when there's only one Web server. + if not is_usable and \ + relay.is_exit_not_bad_allowing_port_all_ips(dest.port): + log.info( + "Exit %s (%s) that can't exit all ips failed to connect to " + " %s via circuit %s (%s). Trying again with it as entry.", + relay.fingerprint, relay.nickname, dest, circ_fps, nicknames) + circ_fps, nicknames = create_path_relay_as_entry(relay, dest, rl, cb) + circ_id, reason = cb.build_circuit(circ_fps) + if not circ_id: + log.warning( + "Exit %s (%s) that can't exit all ips, failed to create " + " circuit as entry: %s (%s).", relay.fingerprint, + relay.nickname, circ_fps, nicknames) + return error_no_circuit(relay, circ_fps, nicknames, reason, dest, + our_nick) + + log.debug('Built circuit with path %s (%s) to measure %s (%s)', + circ_fps, nicknames, relay.fingerprint, relay.nickname) + is_usable, usable_data = connect_to_destination_over_circuit( + dest, circ_id, s, cb.controller, dest._max_dl) if not is_usable: log.debug('Destination %s unusable via circuit %s (%s), %s', dest.url, circ_fps, nicknames, usable_data) diff --git a/tests/integration/lib/test_destination.py b/tests/integration/lib/test_destination.py index 19f6617..d305b0e 100644 --- a/tests/integration/lib/test_destination.py +++ b/tests/integration/lib/test_destination.py @@ -26,7 +26,7 @@ def test_connect_to_destination_over_circuit_success(persistent_launch_tor, relay = [r for r in rl.relays if r.nickname == 'relay1mbyteMAB'][0] # Choose an exit, for this test it does not matter the bandwidth - helper = rl.exits_not_bad_allowing_port_all_ips(destination.port)[0] + helper = rl.exits_not_bad_allowing_port_some_ips(destination.port)[0] circuit_path = [relay.fingerprint, helper.fingerprint] # build a circuit circuit_id, _ = cb.build_circuit(circuit_path) @@ -46,7 +46,7 @@ def test_connect_to_destination_over_circuit_fail(persistent_launch_tor, relay = [r for r in rl.relays if r.nickname == 'relay1mbyteMAB'][0] # Choose an exit, for this test it does not matter the bandwidth - helper = rl.exits_not_bad_allowing_port_all_ips(bad_destination.port)[0] + helper = rl.exits_not_bad_allowing_port_some_ips(bad_destination.port)[0] circuit_path = [relay.fingerprint, helper.fingerprint] # Build a circuit. circuit_id, _ = cb.build_circuit(circuit_path) @@ -75,7 +75,7 @@ def test_functional_destinations(conf, cb, rl, persistent_launch_tor): relay = [r for r in rl.relays if r.nickname == 'relay1mbyteMAB'][0] # Choose an exit, for this test it does not matter the bandwidth - helper = rl.exits_not_bad_allowing_port_all_ips(bad_destination.port)[0] + helper = rl.exits_not_bad_allowing_port_some_ips(bad_destination.port)[0] circuit_path = [relay.fingerprint, helper.fingerprint] # Build a circuit. circuit_id, _ = cb.build_circuit(circuit_path) [View Less]

1 0

[sbws/maint-1.1] fix: CI: Make wget quiet
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit d0a0202f47b5e019f08c0b4b285b4f2cb6a87352 Author: juga0 <juga(a)riseup.net> Date: Wed Feb 10 09:30:39 2021 +0000 fix: CI: Make wget quiet to avoid many lines of non useful text the CI. --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index f0aadaf..51daeba 100644 --- a/tox.ini +++ b/tox.ini @@ -56,7 +56,7 @@ commands = bash -c "time python3 {envtmpdir}/net/wait.py {envtmpdir}/net/{auth,relay,exit}*" bash -c "… [View More]

1 0

[sbws/maint-1.1] fix:scanner: Rm condition assigning helper
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 72b43570589d10a668039341895948ded0f1bfd7 Author: juga0 <juga(a)riseup.net> Date: Tue Feb 9 13:08:44 2021 +0000 fix:scanner: Rm condition assigning helper --- sbws/core/scanner.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sbws/core/scanner.py b/sbws/core/scanner.py index 97829f4..5fd917a 100644 --- a/sbws/core/scanner.py +++ b/sbws/core/scanner.py @@ -267,12 +267,12 @@ def error_no_helper(relay, dest, our_nick=""): def … [View More]

1 0

[sbws/maint-1.1] fix: stem: Remove torrc option that is the default
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 15da07d6a447d8310354124f6020b4cf74b75488 Author: juga0 <juga(a)riseup.net> Date: Thu Dec 17 14:37:58 2020 +0000 fix: stem: Remove torrc option that is the default to avoid conflict when comparing the options that should be set and the ones are set, since the SocksPort will be differently in chutney. --- docs/source/config_tor.rst | 1 - sbws/globals.py | 3 --- 2 files changed, 4 deletions(-) diff --git a/docs/source/config_tor.rst b/docs/source/… [View More]

1 0

[sbws/maint-1.1] fix: stem: Move torrc option that does not depend on config
by juga＠torproject.org 23 Feb '21

23 Feb '21

commit 2d5a6b65704857b8abde4a867f0f6590c181325c Author: juga0 <juga(a)riseup.net> Date: Thu Dec 17 14:40:36 2020 +0000 fix: stem: Move torrc option that does not depend on config It seems we forgot this option when refactoring in #28738. --- sbws/globals.py | 6 +++++- sbws/util/stem.py | 4 ---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/sbws/globals.py b/sbws/globals.py index 2434685..f5b3ec6 100644 --- a/sbws/globals.py +++ b/sbws/globals.py @@ -… [View More]

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits February 2021