[tor-bugs] #23672 [Core Tor/Tor]: hs-v3: With multiple SOCKS connection to the same .onion, don't trigger a descriptor fetch for each connection
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 27 13:12:50 UTC 2017
#23672: hs-v3: With multiple SOCKS connection to the same .onion, don't trigger a
descriptor fetch for each connection
------------------------------+-----------------------------------------
Reporter: dgoulet | Owner: dgoulet
Type: defect | Status: assigned
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: tor-hs, tor-client, prop224
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+-----------------------------------------
This comes out of #23653 for a v3 only fix because a patch for v2 requires
more refactoring.

We should only have one descriptor fetch at a time to an HSDir and not
open one for each SOCKS connection. Because of how the client hsdir
request cache works, you can't request the same .onion to the same HSDir
inside a 15 minute time frame (whoa, that is big). Thus, if we open 6 SOCKS
requests and they all trigger a fetch, all HSDirs are put in the cache and
we can't query any of them while they are opened or until an error
happens or until we can ultimately connect to the service.

Thus comes a bug where the 7th SOCKS connection (opened rapidly after the
6) will always fail because no HSDir can be used (#15937).

What we should do:

1. At each SOCKS connection, check if we have a pending directory fetch
for the .onion and if so, wait on it.

2. On a fetch internal error, not allowed because of
`FetchHidServDescriptors 0` or no more HSDirs are usable, close all pending
SOCKS connections instead of making them time out (#23653).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23672>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
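
The failure described in the ticket and its proposed step 1, as an added example: a toy model that is not Tor's code and not part of the original ticket. The names `simulate`, `pick_hsdir`, `N_HSDIRS` and the structs are hypothetical; six HSDirs and the 15 minute window come from the ticket's scenario, and no fetch is assumed to complete while the connections arrive.

```c
#include <stdio.h>
#include <string.h>

#define N_HSDIRS 6                /* assumed: HSDirs usable for this .onion */
#define REQUERY_PERIOD (15 * 60)  /* seconds before an HSDir may be re-asked */

/* Toy model of the per-.onion HSDir request cache; 0 means "never asked". */
struct client {
  long last_req[N_HSDIRS];
  int fetch_pending;              /* a descriptor fetch is already in flight */
};

struct result { int fetches; int waiting; int failed; };

/* Pick an HSDir not asked within REQUERY_PERIOD and record the request.
 * Returns its index, or -1 when every HSDir is still in the cache. */
static int pick_hsdir(struct client *c, long now) {
  for (int i = 0; i < N_HSDIRS; i++) {
    if (c->last_req[i] == 0 || now - c->last_req[i] >= REQUERY_PERIOD) {
      c->last_req[i] = now;
      return i;
    }
  }
  return -1;
}

/* Open n_conns SOCKS connections one second apart while no fetch completes.
 * coalesce == 0: each connection launches its own fetch (reported behaviour).
 * coalesce != 0: a connection waits on a pending fetch (proposed step 1). */
struct result simulate(int n_conns, int coalesce) {
  struct client c;
  struct result r = {0, 0, 0};
  memset(&c, 0, sizeof(c));
  for (int i = 0; i < n_conns; i++) {
    if (coalesce && c.fetch_pending) { r.waiting++; continue; }
    if (pick_hsdir(&c, 1000 + i) < 0) { r.failed++; continue; }
    c.fetch_pending = 1;
    r.fetches++;
  }
  return r;
}

int main(void) {
  struct result a = simulate(7, 0), b = simulate(7, 1);
  printf("per-connection: fetches=%d failed=%d\n", a.fetches, a.failed);
  printf("coalesced:      fetches=%d waiting=%d failed=%d\n",
         b.fetches, b.waiting, b.failed);
  return 0;
}
```

With coalescing, five HSDirs stay out of the request cache and remain available for a retry if the single pending fetch fails.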