[tor-bugs] #7341 [Tor]: circuit_expire_building applies CBT in twisted ways on hidden service circuits

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 27 18:59:22 UTC 2012 

#7341: circuit_expire_building applies CBT in twisted ways on hidden service
circuits
------------------------+---------------------------------------------------
 Reporter:  mikeperry   |          Owner:                    
     Type:  defect      |         Status:  new               
 Priority:  normal      |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor         |        Version:                    
 Keywords:  tor-client  |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------

Comment(by nickm):

 Replying to [comment:11 mikeperry]:
 > 1. Flag them with hs_circ_has_timed_out and launch a new circuit in
 parallel, and then use the first INDTRODUCE_ACK one to get back to us.
 This seems like it will work especially well for
 CIRCUIT_PURPOSE_C_INTRODUCING, but I'm not sure it will be great for
 CIRCUIT_PURPOSE_C_ESTABLISH_REND, given that we'd need to reuse the rend
 cookie and/or restart the whole introduction handshake too.

 Yeah, we really shouldn't be reusing  rend cookies.

 > 2. Simply declare the circuit purpose(s) exempt from timeouts once the
 circuit was already built to its full length. It might make sense to apply
 the CircuitStreamTimeout instead of messing around with CBT for them,
 since they are more like end-to-end RELAY cells anyway. I think I like
 this idea for CIRCUIT_PURPOSE_C_ESTABLISH_REND, due to the cookie issues
 above.

 That seems like an okay idea.  It's not perfect, but it's an improvement.

 > So I think I'm going to try to hack up approach 1 for
 CIRCUIT_PURPOSE_C_INTRODUCING and approach 2 for
 CIRCUIT_PURPOSE_C_ESTABLISH_REND. Anyone object?

 Seems like it's worth trying; I say go for it and see how it works.

 (We definitely should be

 > If anyone knows any potential pitfalls with launching
 CIRCUIT_PURPOSE_C_INTRODUCING requests in parallel, or wants to help me
 out by pointing me at the regions of the code I'd need to hack to do this,
 I'd appreciate that, too.

 What exact behavior are you proposing here?  *Always* launch in parallel
 seems iffy; "Launch in parallel on timeout" seems plausible, but we need
 to keep an eye on it.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7341#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list