[tor-bugs] #1138 [Tor Client]: If bridge authority is unreachable, client doesn't fallback to bridge
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Sep 12 05:17:17 UTC 2010
#1138: If bridge authority is unreachable, client doesn't fallback to bridge
-------------------------+--------------------------------------------------
Reporter: arma | Owner: mwenge
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: 0.2.1.19
Resolution: None | Keywords: easy
Parent: |
-------------------------+--------------------------------------------------
Comment(by arma):
{{{
+ tor_assert(conn->requested_resource);
/* Requests for bridge descriptors are in the form 'fp/', so ignore
anything else. */
if (conn->requested_resource &&
strcmpstart(conn->requested_resource,"fp/"))
}}}
The first part of that if is now redundant.
It seems the defensive programming way to do that would be to say
if (!conn->requested_resource || strcmpstart(...))
I'm not comfortable with the assert in general, because
conn->requested_resource only gets assigned once we're actually sending
the request. That *may* be fine for begin_dir cells, since they shouldn't
fail instantaneously if the request is going over Tor.
Still, notice how connection_dir_request_failed() gets called from
directory_initiate_command_rend() in the case where connect() fails.
That's at least one codepath.
This area sure is a mess. See also the
{{{
/* XXX we only pass 'conn' above, not 'resource', 'payload',
* etc. So in many situations it can't retry! -RD */
}}}
comment right around there.
I vote for the 'defensive programming way' I mentioned above, as the
short-term fix.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1138#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list