[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #1145 [Tor Client]: Tor fails to load auth-certs
#1145: Tor fails to load auth-certs
--------------------------------+-------------------------------------------
Reporter: knappo | Type: defect
Status: needs_review | Priority: minor
Milestone: Tor: 0.2.2.x-final | Component: Tor Client
Version: 0.2.1.20 | Resolution: None
Keywords: easy | Parent:
--------------------------------+-------------------------------------------
Comment(by Sebastian):
I'm not really happy with this patch. It does make the warning appear less
often during normal bootstrapping, and instead of one warning it gives
lots:
{{{
[notice] OpenSSL OpenSSL 0.9.8l 5 Nov 2009 looks like version 0.9.8l; I
will try SSL3_FLAGS to enable renegotation.
[notice] No current certificate known for authority moria1; launching
request.
[notice] No current certificate known for authority tor26; launching
request.
[notice] No current certificate known for authority dizum; launching
request.
[notice] No current certificate known for authority ides; launching
request.
[notice] No current certificate known for authority gabelmoo; launching
request.
[notice] No current certificate known for authority dannenberg; launching
request.
[notice] No current certificate known for authority urras; launching
request.
[notice] No current certificate known for authority maatuska; launching
request.
[notice] Bootstrapped 5%: Connecting to directory server.
[notice] I learned some more directory information, but not enough to
build a circuit: We have no network-status consensus.
[notice] Bootstrapped 10%: Finishing handshake with directory server.
[notice] Bootstrapped 15%: Establishing an encrypted directory connection.
[notice] Bootstrapped 20%: Asking for networkstatus consensus.
[notice] Bootstrapped 25%: Loading networkstatus consensus.
[warn] Consensus includes unrecognized authority 'gabelmoo-legacy' at
80.190.246.100:8180 (contact n/a; identity
81349FC1F2DBA2C2C11B45CB9706637D480AB913)
[warn] Consensus includes unrecognized authority 'moria1-legacy' at
128.31.0.34:9131 (contact n/a; identity
E2A2AF570166665D738736D0DD58169CC61D8A8B)
[warn] Looks like we need to download a new certificate from authority
'tor26' at 86.59.21.38:80 (contact Peter Palfrader; identity
14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4)
[warn] Looks like we need to download a new certificate from authority
'ides' at 216.224.124.114:9030 (contact Mike Perry
<mikeperryTAfsckedTODorg>; identity
27B6B5996C426270A5C95488AA5BCEB6BCC86956)
[warn] Looks like we need to download a new certificate from authority
'maatuska' at 213.115.239.118:443 (contact 4096R/23291265 Linus Nordberg
<linus@xxxxxxxxxxx>; identity 49015F787433103580E3B66A1707A00E60F2D15B)
[warn] Looks like we need to download a new certificate from authority
'dannenberg' at dannenberg.ccc.de:80 (contact Andreas Lehner
<anonymizer@xxxxxx>; identity 585769C78764D58426B8B52B6651A5A71137189A)
[warn] Looks like we need to download a new certificate from authority
'urras' at 208.83.223.34:443 (contact 4096R/E012B42D Jacob Appelbaum
<jacob@xxxxxxxxxxxxx>; identity 80550987E1D626E3EBA5E5E75A458DE0626D088C)
[warn] Looks like we need to download a new certificate from authority
'moria1' at 128.31.0.34:9131 (contact 1024D/28988BF5 arma mit edu;
identity D586D18309DED4CD6D57C18FDB97EFA96D330566)
[warn] Looks like we need to download a new certificate from authority
'dizum' at 194.109.206.212:80 (contact 1024R/8D56913D Alex de Joode
<adejoode@xxxxxxxxxxxx>; identity
E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58)
[warn] Looks like we need to download a new certificate from authority
'gabelmoo' at 80.190.246.100:8180 (contact 1024D/F7C11265 Karsten Loesing
<karsten dot loesing AT gmx dot net>; identity
ED03BB616EB2F60BEC80151114BB25CEF515B226)
[warn] A consensus needs 5 good signatures from recognized authorities for
us to accept it. This one has 0. 2 of the authorities we know didn't sign
it. It has 2 signatures from authorities we don't recognize. We were
unable to check 8 of the signatures, because we were missing the keys.
[notice] I learned some more directory information, but not enough to
build a circuit: We have no network-status consensus.
[notice] Bootstrapped 40%: Loading authority key certs.
[notice] Bootstrapped 45%: Asking for relay descriptors.
}}}
IMO what we should do here is to make sure we don't warn as easily,
especially because the warning happens frequently even on good
connections.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1145#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs