[tor-bugs] #32040 [Core Tor/Tor]: HS intro padding machine reactivates after receiving INTRODUCE_ACK

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Oct 29 07:24:32 UTC 2019 

#32040: HS intro padding machine reactivates after receiving INTRODUCE_ACK
-----------------------------+------------------------------------
 Reporter:  asn              |          Owner:  (none)
     Type:  defect           |         Status:  new
 Priority:  Medium           |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor     |        Version:
 Severity:  Normal           |     Resolution:
 Keywords:  wtf-pad padding  |  Actual Points:
Parent ID:                   |         Points:  1
 Reviewer:                   |        Sponsor:  Sponsor2
-----------------------------+------------------------------------

Comment (by asn):

 As a summary to the above, this bug appears when the intro point machine
 sends all its padding and terminates before it sends the INTRODUCE_ACK,
 which causes a reactivation upon transitioning to introduce_acked purpose
 (which is in the machine's accepted purposes).

 I did an experiment by creating 500 introduction circuits. Out of which:
 - 437 circuits displayed the above buggy pattern (machine finished padding
 before intro_ack and reactivated).
 - 63 circuits did not bug out (machine had leftover padding when intro_ack
 arrived so it did not activate twice).

 This is not an urgent issue because our machines are not super good at
 hiding circuits anyway, but it's something we should have a fix for for
 future machines and also for improvements of the current machines.

 In particular the issue here is that if we remove the intro_acked purpose
 from the accepted purposes list, the machine will terminate early if the
 intro_ack arrives early, but when intro_acked is in the purpose list, the
 machine can reactivate if the intro_ack arrives late (this bug).

 Perhaps we need another purpose list called `tolerated_purpose_list` which
 we can add `intro_acked` and the machine won't activate if it enters that
 purpose, but it will also tolerate it if it enters that purpose in the
 middle of the run?

 How else can we fix this issue?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32040#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list