[tor-bugs] #23817 [Core Tor/Tor]: Tor re-tries directory mirrors that it knows are missing microdescriptors

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 7 01:37:28 UTC 2017

#23817: Tor re-tries directory mirrors that it knows are missing microdescriptors
 Reporter:  teor                                 |          Owner:  (none)
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.3.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-guard, tor-hs, prop224,          |  Actual Points:
  032-backport? 031-backport? spec-change        |
Parent ID:  #21969                               |         Points:
 Reviewer:                                       |        Sponsor:

Comment (by teor):

 Replying to [comment:15 nickm]:
 > Quick notes, not comprehensive:
 >   * The changes file doesn't say which version this is a bugfix on.
 (Does "make check" pass?)

 Some release early in the 0.3.0 series, probably

 >   * Should this be a backport candidate for any earlier versions?

 0.3.0 and 0.3.1.

 >   * It looks like the first two commits on this branch are actually part
 of #23862, and already merged into 0.3.2?
 >   * Minor: The `relay_digest` argument to
 dir_microdesc_download_failed() would be better named "dir_id" or
 something, since it's the identity of the failing directory server?
 >   * Digestmap_t would be a better type to use for
 outdated_dirserver_list, but we can fix that later if need be.
 >   * Should entries on outdated_dirserver_list expire after some amount
 of time, in addition to just "whenever we get the next consensus?"

 This is potentially dangerous, because it could create slow zombies.
 If we do this, 1 hour (consensus interval), 3 hours (live consensus), or
 24 hours (reasonably live consensus) seem like reasonable expiry times,
 depending on when we stop fetching microdescs.

 >   * I wonder if we can think of a better name for this than "outdated
 dirserver" -- it's not outdated itself -- it just failed to give us
 microdescriptors for some consensus we had.

 It's a dirserver that has a consensus that we don't.

 >   * Do we check to make sure that the consensus is fairly recent before
 marking a dirserver as "outdated" in this way?

 We should check if our consensus is recent, and try to get a newer one.

 >   * Maybe we should make sure that we never mark an authority as

 Yes, I think this is #23863: rather than marking an authority outdated, we
 should mark the relay with the missing microdesc as dead.
 Until then, we should log a warning with the authority and specific
 microdesc id rather than marking the authority as dead.
 (Is it possible for an authority to be out of sync and not serve the
 latest microdescs? What should happen is that it should adopt the latest
 majority consensus, download its microdescs, and serve them.)

 > Adding teor in cc -- asn asked if you could review this patch too.  I'd
 like to merge it in the alpha coming out in a couple of days, if possible,
 though I understand you might not be able to review on that schedule.

 Referencing a trac comment is fragile, let's summarise the exponential
 backoff reasoning instead:
 + * #23817 comment:12 for teor's argument)
 Something like "since we use exponential backoff for directory fetches,
 clients should not fetch microdescs more than log2(3*3600) = 14 times per
 consensus. The backoff is random between last+1 and last*4, so we allow
 some extra fetches.".

 Would it help to have the log contain the missing microdesc IDs, or at
 least the first N of them?

 relay_is_outdated_dirserver should use smartlist_contains_string for
 consistency with relay_note_outdated_dirserver.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23817#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list