[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #5623 [Tor Client]: directory_initiate_command() can pick a directory mirror which we later refuse as being in ExcludeExitNodes
#5623: directory_initiate_command() can pick a directory mirror which we later
refuse as being in ExcludeExitNodes
------------------------+---------------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
In set my torrc to be the same as in #5610, restarted my Tor, and it
wanted to fetch a microdesc.
{{{
Apr 13 18:54:04.000 [info] launch_descriptor_downloads(): Launching 1
request for 1 router, 4 at a time
Apr 13 18:54:04.000 [debug] smartlist_choose_node_by_bandwidth_weights():
Choosing node for rule weight as directory based on weights Wg=0.307700
Wm=1.000000 We=0.000000 Wd=0.128000 with total bw 571593023.800000
Apr 13 18:54:04.000 [debug] directory_initiate_command_rend(): anonymized
0, use_begindir 1.
Apr 13 18:54:04.000 [debug] directory_initiate_command_rend(): Initiating
microdescriptor fetch
Apr 13 18:54:04.000 [info] connection_ap_make_link(): Making internal
direct tunnel to 188.138.82.143:443 ...
Apr 13 18:54:04.000 [debug] connection_add_impl(): new conn type Socks,
socket -1, address (Tor_internal), n_conns 3.
Apr 13 18:54:04.000 [warn] Requested exit point
'$2BC7B25AFFACBB861872248D3E19D77EE71CE1CE' is excluded or would refuse
request. Closing.
Apr 13 18:54:04.000 [warn] Making tunnel to dirserver failed.
}}}
Looks like launch_descriptor_downloads() calls
initiate_descriptor_downloads() which calls directory_get_from_dirserver()
which calls router_pick_directory_server() which does not exclude exits.
I believe we don't want to exclude exits in this case. Quoting from
ChangeLog,
{{{
. "Exit", in the context of ExitNodes and ExcludeExitNodes, means
a node that delivers user traffic outside the Tor network.
}}}
So I think the bug is in connection_ap_can_use_exit(). Probably where it
says
{{{
if (routerset_contains_node(options->_ExcludeExitNodesUnion, exit)) {
/* Not a suitable exit. Refuse it. */
return 0;
}
}}}
without checking if conn->use_begindir.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5623>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs