[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #6799 [Tor]: Don't expire unused relay-to-relay TLS conns so quickly



#6799: Don't expire unused relay-to-relay TLS conns so quickly
-------------------------+-------------------------------------------------
     Reporter:  arma     |      Owner:
         Type:  defect   |     Status:  needs_review
     Priority:  major    |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor      |    Version:
   Resolution:           |   Keywords:  tor-relay anonymity-attack
Actual Points:           |  025-triaged 024-backport andrea-review-0255
       Points:           |  Parent ID:
-------------------------+-------------------------------------------------

Comment (by arma):

 Looks plausible to me too. I've never fully grokked our is_canonical stuff
 (for example, how often in practice do we end up with two conns, each of
 which has one side thinking it's canonical?), but it looks like we're
 setting it as intended here.

 To be clear, if one side runs the new code and one side runs the old code,
 then the old-code side will still close the connections at the earlier
 schedule?

 And even if both sides are upgraded, then it isn't actually uniformly
 distributed between 15 and 22.5 minutes, since it will close first for
 whichever side chose the lower number? (This is fine, I just want to make
 sure I'm understanding it.)

 I'd feel more comfortable here if somebody bumped up the severity of the
 {{{
      log_info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "
 }}}
 line and then ran a network for a while in chutney, to confirm that things
 act roughly as we expect them to. But failing that, hey, what could go
 wrong.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6799#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs