[tor-bugs] #20509 [Core Tor/Tor]: Directory authorities should take away Guard flag from relays with #20499 bug

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Nov 5 05:01:18 UTC 2016


#20509: Directory authorities should take away Guard flag from relays with #20499
bug
--------------------------------+------------------------------------
 Reporter:  arma                |          Owner:
     Type:  defect              |         Status:  new
 Priority:  Medium              |      Milestone:  Tor: 0.2.9.x-final
Component:  Core Tor/Tor        |        Version:
 Severity:  Normal              |     Resolution:
 Keywords:  028-backport, easy  |  Actual Points:
Parent ID:                      |         Points:
 Reviewer:                      |        Sponsor:
--------------------------------+------------------------------------

Comment (by rubiate):

 Will something like this work?

 {{{
 diff --git a/src/or/dirserv.c b/src/or/dirserv.c
 index 6e25323..7ff5535 100644
 --- a/src/or/dirserv.c
 +++ b/src/or/dirserv.c
 @@ -2122,6 +2122,29 @@ routers_make_ed_keys_unique(smartlist_t *routers)
    } SMARTLIST_FOREACH_END(ri);
  }

 +/** Check if the Tor version provided in the platform string
 <b>platform</b> is
 + * known to be broken in a way that means it should not be used as a
 Guard.
 + *
 + * Return 0 if it should be good, or 1 if it is known to be broken.
 + */
 +STATIC int
 +is_broken_guard_version(const char *platform)
 +{
 +  /* assume it's good if we don't know the platform/version */
 +  if (platform == NULL)
 +    return 0;
 +
 +  /* bug #20499 affects versions from 0.2.9.1-alpha-dev to 0.2.9.4-alpha
 +   * and version 0.3.0.0-alpha-dev
 +   */
 +  if (!tor_version_as_new_as(platform, "Tor 0.2.9.1-alpha-dev") ||
 +      (tor_version_as_new_as(platform, "Tor 0.2.9.5-alpha") &&
 +      strcmpstart(platform, "Tor 0.3.0.0-alpha-dev") != 0))
 +    return 0;
 +
 +  return 1;
 +}
 +
  /** Extract status information from <b>ri</b> and from other authority
   * functions and store it in <b>rs</b>>.
   *
 @@ -2154,6 +2177,7 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
    rs->is_valid = node->is_valid;

    if (node->is_fast && node->is_stable &&
 +      !is_broken_guard_version(ri->platform) &&
        ((options->AuthDirGuardBWGuarantee &&
          routerbw_kb >= options->AuthDirGuardBWGuarantee/1000) ||
         routerbw_kb >= MIN(guard_bandwidth_including_exits_kb,
 diff --git a/src/or/dirserv.h b/src/or/dirserv.h
 index 1e4f27e..6f645bc 100644
 --- a/src/or/dirserv.h
 +++ b/src/or/dirserv.h
 @@ -132,6 +132,7 @@ STATIC int dirserv_has_measured_bw(const char
 *node_id);
  STATIC int
  dirserv_read_guardfraction_file_from_str(const char
 *guardfraction_file_str,
                                        smartlist_t *vote_routerstatuses);
 +STATIC int is_broken_guard_version(const char *platform);
  #endif

  int dirserv_read_measured_bandwidths(const char *from_file,

 }}}

 Tests and changes file:

 {{{
 diff --git a/changes/bug20509 b/changes/bug20509
 new file mode 100644
 index 0000000..aaa0467
 --- /dev/null
 +++ b/changes/bug20509
 @@ -0,0 +1,7 @@
 +  o Directory authorities:
 +     - Directory authorities will now withhold the Guard flag from
 +       relays which are running Tor versions 0.2.9.1-alpha-dev to
 +       0.2.9.4-alpha, and 0.3.0.0-alpha-dev. Bug 20499 causes these
 +       versions to not update the consensus they will serve, which
 +       could prevent clients that use these relays as Guards from
 +       being able to connect to the network. See ticket 20509.
 diff --git a/src/test/test_dir.c b/src/test/test_dir.c
 index cf0b94c..8aad34d 100644
 --- a/src/test/test_dir.c
 +++ b/src/test/test_dir.c
 @@ -3183,6 +3183,29 @@ reset_routerstatus(routerstatus_t *rs,
    rs->addr = ipv4_addr;
  }

 +static void
 +test_dir_broken_guard_versions(void *arg)
 +{
 +  (void)arg;
 +
 +#define TEST_GUARD_VERSION(v, r) \
 +  tt_int_op(is_broken_guard_version("Tor " v " on Linux"), OP_EQ, r);
 +
 +  TEST_GUARD_VERSION("0.2.8.9", 0);
 +  TEST_GUARD_VERSION("0.2.9.1-alpha", 0);
 +  TEST_GUARD_VERSION("0.2.9.1-alpha-dev", 1);
 +  TEST_GUARD_VERSION("0.2.9.2-alpha", 1);
 +  TEST_GUARD_VERSION("0.2.9.3-alpha", 1);
 +  TEST_GUARD_VERSION("0.2.9.4-alpha", 1);
 +  TEST_GUARD_VERSION("0.2.9.5-alpha", 0);
 +  TEST_GUARD_VERSION("0.3.0.0-alpha-dev", 1);
 +  TEST_GUARD_VERSION("0.3.0.0-alpha", 0);
 +  TEST_GUARD_VERSION("0.3.0.0", 0);
 +  tt_int_op(is_broken_guard_version(NULL), OP_EQ, 0);
 +
 + done: ;
 +}
 +
  #define ROUTER_A_ID_STR    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
  #define ROUTER_A_IPV4      0xAA008801
  #define ROUTER_B_ID_STR    "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
 @@ -5771,6 +5794,7 @@ struct testcase_t dir_tests[] = {
    DIR_LEGACY(clip_unmeasured_bw_kb),
    DIR_LEGACY(clip_unmeasured_bw_kb_alt),
    DIR(fmt_control_ns, 0),
 +  DIR(broken_guard_versions, 0),
    DIR(dirserv_set_routerstatus_testing, 0),
    DIR(http_handling, 0),
    DIR(purpose_needs_anonymity_returns_true_for_bridges, 0),
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20509#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list