[tor-bugs] #20410 [Core Tor/Tor]: Tor master breaks bridge clients
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Oct 24 04:31:32 UTC 2016
#20410: Tor master breaks bridge clients
---------------------------------+----------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: High | Milestone:
Component: Core Tor/Tor | Version: Tor: 0.3.0.0-alpha-dev
Severity: Major | Resolution:
Keywords: crash bridge-client | Actual Points:
Parent ID: | Points: 0.5
Reviewer: | Sponsor:
---------------------------------+----------------------------------------
Changes (by teor):
* keywords: => crash bridge-client
* priority: Medium => High
Comment:
I think I understand why this is happening based on 195ccce in #20077:
* launch_direct_bridge_descriptor_fetch calls directory_initiate_command
with DIR_PURPOSE_FETCH_SERVERDESC, ROUTER_PURPOSE_BRIDGE, and
DIRIND_ONEHOP
* directory_initiate_command calls directory_initiate_command_rend
* directory_initiate_command_rend asserts because purpose_needs_anonymity
believes all ROUTER_PURPOSE_BRIDGE requests must be anonymous (3-hop), but
this clearly isn't true for bridge descriptor fetches straight from the
bridge itself.
I think the correct fix for this is to modify purpose_needs_anonymity to
require anonymity for ROUTER_PURPOSE_BRIDGE, except for
DIR_PURPOSE_FETCH_SERVERDESC. (This might be problematic because it allows
fetch_bridge_descriptors() to fetch directly from the bridge authority.
Does this matter?)
Also, the other replacement of is_sensitive_dir_purpose with
purpose_needs_anonymity is incomplete. We should upcast the linked
connection to a dir_connection_t, then check the router_purpose field.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20410#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list