[tor-bugs] #33029 [Core Tor/Tor]: dir-auth: Dir auths should resume sending 503's but never to relays or other dir auths

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jan 27 03:38:38 UTC 2020 

#33029: dir-auth: Dir auths should resume sending 503's but never to relays or
other dir auths
-------------------------------------+------------------------------------
 Reporter:  dgoulet                  |          Owner:  dgoulet
     Type:  defect                   |         Status:  needs_revision
 Priority:  Medium                   |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor             |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:  tor-dirauth 043-should?  |  Actual Points:
Parent ID:  #33018                   |         Points:  0.4
 Reviewer:                           |        Sponsor:
-------------------------------------+------------------------------------

Comment (by arma):

 Replying to [comment:6 teor]:
 > Please check for authority IPv6 addresses. I'm just about to make relays
 use IPv6 to authorities as part of sponsor 55, so we need an IPv6 check
 when we whitelist relays.

 Thanks, teor, this is a great point.

 I actually think I have a better plan that will accomplish your goal and
 the rest of these goals better: let's make sure the dir auth addresses
 (all of them) are added to the bloom filter that
 nodelist_probably_contains_address() checks, and then just only check that
 and we're done. That is, the logic should be: "if we're a dir auth, always
 answer every question from other relays."

 It looks like the ipv6 address for relays gets added properly in
 node_add_to_address_set():
 {{{
     if (!tor_addr_is_null(&node->rs->ipv6_addr))
       address_set_add(the_nodelist->node_addrs, &node->rs->ipv6_addr);
 [...]
     if (!tor_addr_is_null(&node->ri->ipv6_addr))
       address_set_add(the_nodelist->node_addrs, &node->ri->ipv6_addr);
 [...]
     if (!tor_addr_is_null(&node->md->ipv6_addr))
       address_set_add(the_nodelist->node_addrs, &node->md->ipv6_addr);
 }}}

 So the change we would want to make is in or near
 nodelist_set_consensus(), where right after we call
 {{{
   /* Now add all the nodes we have to the address set. */
   SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
     node_add_to_address_set(node);
   } SMARTLIST_FOREACH_END(node);
 }}}
 we call some similar thing that loops through trusted_dir_servers and
 calls address_set_add() and/or address_set_add_ipv4h() on each known dir
 auth address. That way we get the dir auth addresses in the consensus
 because they are relays, and we get the configured addresses (if
 different) with this new code.

 And then the minor worry in dgoulet's code about "if this shows up in the
 profile, we can move to have an address set instead" gets resolved too
 because it is just one thing we are checking.

 And as a tiny bonus, we handle dir auth addresses as though they are
 relays from the perspective of the DoS module, which is probably a thing
 we should have done from the beginning there anyway.

 Do you buy all of that, dgoulet and teor?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33029#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list