[tor-bugs] #20269 [Core Tor/Tor]: bridge users ignore their cached consensus file on startup
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 13 06:22:04 UTC 2016
#20269: bridge users ignore their cached consensus file on startup
-------------------------------------------------+-------------------------
Reporter: arma | Owner: arma
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.0.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: 029-proposed, nickm- | Actual Points:
deferred-20161017, review-group-11 |
Parent ID: | Points:
Reviewer: nickm | Sponsor:
-------------------------------------------------+-------------------------
Comment (by arma):
Replying to [comment:10 teor]:
> Replying to [comment:9 nickm]:
> > Okay, but what will actually happen if a new client (with this patch)
tries to run with an 0.2.2.x bridge? That will break, right?
> >
> > If so, are we okay with that breaking?
>
> Yes, but we should log a warning to the client saying the bridge is too
old.
> (We should reject the bridge's descriptor in 0.2.9 anyway, as it doesn't
have an ntor key.)
It's worse than that: Tor 0.3.0.0 doesn't finish its TLS handshake with
the 0.2.2.x bridge.
I ran an 0.2.2.39 bridge and an 0.3.0.0 client.
Here's what my (modern) client says:
{{{
Nov 13 01:09:16.852 [warn] Problem bootstrapping. Stuck at 10%: Finishing
handshake with directory server. (IOERROR; IOERROR; count 1;
recommendation warn; host 0000000000000000000000000000000000000000 at
128.31.0.39:9005)
Nov 13 01:09:16.852 [warn] 1 connections have failed:
Nov 13 01:09:16.852 [warn] 1 connections died in state handshaking (Tor,
v3 handshake) with SSL state SSL negotiation finished successfully in OPEN
Nov 13 01:09:17.398 [warn] Problem bootstrapping. Stuck at 10%: Finishing
handshake with directory server. (IOERROR; IOERROR; count 2;
recommendation warn; host 0000000000000000000000000000000000000000 at
128.31.0.39:9005)
Nov 13 01:09:17.398 [warn] 2 connections have failed:
Nov 13 01:09:17.398 [warn] 2 connections died in state handshaking (Tor,
v3 handshake) with SSL state SSL negotiation finished successfully in OPEN
}}}
And here's what the (ancient) bridge says:
{{{
Nov 13 01:09:17.362 [debug] tor_tls_handshake(): Completed V2 TLS
handshake with client; waiting for renegotiation.
Nov 13 01:09:17.362 [debug] connection_tls_continue_handshake(): Done with
initial SSL handshake (server-side). Expecting renegotiation.
Nov 13 01:09:17.386 [debug] conn_read_callback(): socket 121 wants to
read.
Nov 13 01:09:17.386 [debug] connection_read_to_buf(): 121: starting,
inbuf_datalen 0 (0 pending in tls object). at_most 16384.
Nov 13 01:09:17.386 [debug] connection_read_to_buf(): After TLS read of 9:
510 read, 1179 written
Nov 13 01:09:17.386 [info] connection_or_process_inbuf(): Accumulated too
much data (9 bytes) on nonopen OR connection from a.b.c.d:43856 in state
waiting for renegotiation (TLS); closing.
Nov 13 01:09:17.386 [debug] conn_close_if_marked(): Cleaning up connection
(fd 121).
}}}
So unless we want to put some energy into figuring out how to resume
supporting 0.2.2.x bridges and relays (in which case we should open a
separate ticket for that), I suggest we merge this one and call it done.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20269#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list