[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Problems running TOR for an extended period



On Mon, Jul 17, 2006 at 02:41:15AM +0200, Jan Danielsson wrote:
 [...]
>    I'd rather like to find a real solution to the problem. Mainly,
> getting a working gethostbyname_r(). Btw.. What is the origin of
> gethostbyname_r()? Does it exist in all common/mainstream unicies?

Pretty much, except for the (I hope you'll forgive the term) less
popular BSDs.  OpenBSD claims to have a gethostbyname_r, but it is
lying: it just #defines gethostbyname_r to gethostbyname.  (This is
the moral equivalent of keeping your rat poison in a jar labeled
"cookies".)

>    As a side note, I don't understand why the calls to gethostbyname()
> can't be mutex'd on BSD systems, rather than just switching over to an
> all fork'd design. Are there other calls which are affected as well?

We _could_ go multithreaded and make it block, but performance on exit
nodes would suck.  When two users wanted to make exit connections at
the same time, one wouldn't start a DNS lookup until the other was
done.  Also, an attacker could shut down all DNS requests just by
making requests that would take a long time to complete.

Right now, we're trying a different approach.  In version 0.1.2.x,
we're trying an approach where we add a built-in async DNS resolver to
Tor and don't use the platform DNS resolver at all: this way, we don't
need to be multithreaded.  Right now, it seems to have a bug that
creates a periodic segfault, but watch this space: I hope we'll get it
straightened out soon.

yrs,
-- 
Nick Mathewson

Attachment: pgpShpMlU0XkM.pgp
Description: PGP signature