Problems running TOR for an extended period
Nick Mathewson
nickm at freehaven.net
Mon Jul 17 00:48:30 UTC 2006
On Mon, Jul 17, 2006 at 02:41:15AM +0200, Jan Danielsson wrote:
[...]
> I'd rather like to find a real solution to the problem. Mainly,
> getting a working gethostbyname_r(). Btw.. What is the origin of
> gethostbyname_r()? Does it exist in all common/mainstream unicies?
Pretty much, except for the (I hope you'll forgive the term) less
popular BSDs. OpenBSD claims to have a gethostbyname_r, but it is
lying: it just #defines gethostbyname_r to gethostbyname. (This is
the moral equivalent of keeping your rat poison in a jar labeled
"cookies".)
> As a side note, I don't understand why the calls to gethostbyname()
> can't be mutex'd on BSD systems, rather than just switching over to an
> all fork'd design. Are there other calls which are affected as well?
We _could_ go multithreaded and make it block, but performance on exit
nodes would suck. When two users wanted to make exit connections at
the same time, one wouldn't start a DNS lookup until the other was
done. Also, an attacker could shut down all DNS requests just by
making requests that would take a long time to complete.
Right now, we're trying a different approach. In version 0.1.2.x,
we're trying an approach where we add a built-in async DNS resolver to
Tor and don't use the platform DNS resolver at all: this way, we don't
need to be multithreaded. Right now, it seems to have a bug that
creates a periodic segfault, but watch this space: I hope we'll get it
straightened out soon.
yrs,
--
Nick Mathewson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 654 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20060716/f091b19e/attachment.pgp>
More information about the tor-talk
mailing list