[tor-bugs] #12538 [Tor]: Make all relays automatically be dir caches

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 26 00:16:48 UTC 2015


#12538: Make all relays automatically be dir caches
-------------------------------------------------+-------------------------
 Reporter:  cypherpunks                          |          Owner:
     Type:  task                                 |         Status:
 Priority:  High                                 |  needs_revision
Component:  Tor                                  |      Milestone:  Tor:
 Severity:  Normal                               |  0.2.8.x-final
 Keywords:  tor-guard, tor-relay, prop237,       |        Version:  Tor:
  026-triaged-1, sebastian-review,               |  unspecified
  027-triaged-1-out, 028-triage, 028-triaged,    |     Resolution:
  mike-can, pre028-patch, TorCoreTeam201511      |  Actual Points:
Parent ID:                                       |         Points:
  Sponsor:                                       |  medium/large
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:83 dgoulet]:
 > Here is an issue I found:
 >
 > * In src/or/or.h:
 >
 >  `node_is_dir()` checks both the tunnelled support and dir_port which
 can by pass the fact that we shouldn't be advertising to be a dircache:
 > {{{
 > +    return ri->supports_tunnelled_dir_requests ||
 > +           ri->dir_port > 0;
 > }}}
 >
 >  It's possible for `supports_tunnelled_dir_requests` to be 0, for
 instance if the Accounting is enabled and we've reached our max. But if we
 have a `DirPort`, it will bypass it and return 1. Seems to me that we
 maybe don't want to be used as a directory cache in that case?

 Definitely - AccountingMax needs to work properly.

 >  I think just testing `supports_tunnelled_dir_requests` is enough since
 it will be 1 if the DirPort is set and if the rest of the requirements are
 met (Accounting for instance).

 I agree. (See my [comment:78 teor] for the behaviour we're trying for -
 trying to match the current directory-with-DirPort behaviour.)

 > * Also fun fact, this below will make that a relay can opt-out of being
 an HSDir once it's accounting has reached the max or it's bandwitdh has
 changed dynamically (because of `router_should_be_directory_server()`):
 >
 > {{{
 > +  return (router->wants_to_be_hs_dir &&
 > +          router->supports_tunnelled_dir_requests &&
 > ...
 > }}}
 >
 >  which could lead to client reachability issue (I think it won't be
 severe) if an HSDir can come and go at each consensus in a 24 hour period.
 _BUT_ it could also explain why we are seeing HSDir responding NOT_FOUND
 when they are suppose to have the descriptor because Accounting max was
 reached in that time period?...

 Unfortunately, we need AccountingMax to work reliably, even if it causes
 reachability issues for hidden services. But we could fix this behaviour
 in a different ticket so the HSDir flag is more stable. But is there
 anything we could change here to make it more stable?

 > The rest lgtm;

 I agree, it's time!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12538#comment:84>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list