[tor-bugs] #25616 [Core Tor/Tor]: Non-fatal assertion in hs_desc_encode_descriptor similar to #24972
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 4 12:50:50 UTC 2018
#25616: Non-fatal assertion in hs_desc_encode_descriptor similar to #24972
-------------------------------------------------+-------------------------
Reporter: alnsn | Owner: dgoulet
Type: defect | Status:
| accepted
Priority: High | Milestone: Tor:
| 0.3.3.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.3.2.10
Severity: Normal | Resolution:
Keywords: regression, tor-hs, 032-backport, | Actual Points:
033-must 033-triage-20180326 |
033-included-20180326 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by asn):
We discussed this with David. The most likely source of this bug is that
we build the descriptor once (`build_service_descriptor()`) and then we
keep it for many hours and we just encode the same desc over and over
before publishing it (`upload_descriptor_to_hsdir()`. If the clock jumps
after descriptor build, certs in our descriptor might expire before we
encode it, and this BUG will get caused. Even tho the clock jumps, we
don't expire the descriptor because `should_rotate_descriptor()` actually
takes `ns` time as the authoritative source.
A solution here would be to re-build the whole descriptor everytime before
we encode it, so that we ensure that all certs are fresh before they enter
the encode/decode function.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25616#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list