[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #33693 [Circumvention/Snowflake]: snowflake's 0.0.3.0 dummy address means rate limits are skipped means BW controller events show no bandwidth used



#33693: snowflake's 0.0.3.0 dummy address means rate limits are skipped means BW
controller events show no bandwidth used
-------------------------------------+--------------------------
 Reporter:  arma                     |          Owner:  cohosh
     Type:  defect                   |         Status:  assigned
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:  #19001                   |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+--------------------------

Comment (by arma):

 Replying to [comment:2 cohosh]:
 > Look at this helpful comment for the `connection_is_rate_limited()`
 function:
 >
 > {{{
 > /** Return 1 if we should apply rate limiting to <b>conn</b>, and 0
 >  * otherwise.
 >  * Right now this just checks if it's an internal IP address or an
 >  * internal connection. We also should, but don't, check if the
 connection
 >  * uses pluggable transports, since we should then limit it even if it
 >  * comes from an internal IP address. */

 Huh. I don't think that's true. Who wrote that garbage?! git blame says it
 was...that arma guy. What does he know. :) (git commit f6639d56 for those
 following along at home)

 In particular, I think that comment was aiming to talk about the *bridge*
 side, and it was true before the ExtORPort existed. Now connections from
 the ExtORPort report their external address, and Tor treats the connection
 as having come to the ORPort from that external address, so it gets proper
 bandwidth accounting and proper rate limiting. (See
 connection_ext_or_handle_cmd_useraddr() for where this happens.)

 That said, there is an edge case where you can use ExtORPort wrong, and
 #33157 hit it in Snowflake, so I have opened #33747 to handle it better on
 the Tor side.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33693#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs