[tor-relays] «Possible compression bomb» from Authority?

trinity pointard trinity.pointard at gmail.com
Wed Jun 7 22:26:18 UTC 2023


Hi,

I get these warnings from time to time too. I believe they are rather
benign, though I wonder how a document with a 25:1 compression ratio
can happen in practice.

> Interestingly it's the dirport that
> ie requested. I thought the dirport is no longer in use - do the
> authorities still offer it?

Authorities still provide a dirport, and relays are supposed to use it
over a tunneled directory request. I believe some authority operators
put varnish (or some other caching reverse-proxy) in front of their
dirport, to limit the load of serving those files. At the very least,
it reduces the amount of crypto required (none vs an OR connection),
for data which is already public and signed anyway.

On Wed, 7 Jun 2023 at 18:03, Felix <zwiebel at quantentunnel.de> wrote:
>
> Hi
>
> > Jun 03 04:04:33.000 [warn] Possible compression bomb; abandoning
> > stream. Jun 03 04:04:33.000 [warn] Unable to decompress HTTP body
> > (tried Zstandard compressed, on Directory connection (client reading)
> > with 199.58.81.140:80).
>
> We see the compression bomb warning from time to time
>
> The address seems to be longclaw. Interestingly it's the dirport that
> ie requested. I thought the dirport is no longer in use - do the
> authorities still offer it?
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


More information about the tor-relays mailing list