[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18963 [Core Tor/Tor]: Download authority certificates even under blackholed authorities or fallbacks

#18963: Download authority certificates even under blackholed authorities or
fallbacks
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  defect                               |         Status:
 Priority:  Medium                               |  needs_review
Component:  Core Tor/Tor                         |      Milestone:  Tor:
 Severity:  Normal                               |  0.2.8.x-final
 Keywords:  must-fix-before-028-rc,              |        Version:  Tor:
  029-proposed                                   |  0.2.8.1-alpha
Parent ID:  #18816                               |     Resolution:
 Reviewer:                                       |  Actual Points:
                                                 |         Points:  small
                                                 |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):

 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:6 nickm]:
 > Shadowing bug:
 > {{{
 > +  /* Look up the routerstatus for the dir_hint  */
 > +  const routerstatus_t *rs = NULL;
 > +
 > +  if (dir_hint) {
 > +    /* First try the consensus routerstatus, then the fallback
 > +     * routerstatus */
 > +    const routerstatus_t *rs =
 router_get_consensus_status_by_id(dir_hint);
 > }}}
 >
 > That inner declaration of rs shouldn't be a declaration.

 NM1: We should turn on -Wshadow or something :-)
 67662ec fixup! Fetch certificates from the same directory as the consensus

 >
 > Other than that, looks good.  One thing I would like to make sure I
 understand, though: what is it that makes us -not- retry the same
 directory server forever here?  Is it the fact that if that server at some
 point refuses to give us a certificate we asked for, we will then try to
 download it with dir_hint set to NULL?

 Yes, the logic is as follows:
 * when we successfully download a consensus, and we need certificates to
 validate it, download certificates from the same directory
 * as long as there are no failures when downloading certificates, and we
 keep getting at least one new authority certificate, download other
 certificates from the same directory
 * otherwise, try a random directory

 Added a comment explaining that in:
 67662ec fixup! Fetch certificates from the same directory as the consensus

 Don't retry the same source_dir if any certificate is bad:
 a6c2bcd fixup! Fetch certificates from the same directory as previous
 certificates

 Only retry the same source_dir as long as it delivers at least one
 authority certificate:
 dafbf46 fixup! fixup! Fetch certificates from the same directory as
 previous certificates

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18963#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs