[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #28458 [Core Tor/sbws]: Stop resolving domains locally and check same flags for the 2nd hop

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #28458 [Core Tor/sbws]: Stop resolving domains locally and check same flags for the 2nd hop
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 19 Nov 2018 15:03:51 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 19 Nov 2018 10:04:01 -0500
In-reply-to: <044.ac127f131da887e456a4ae227054fa33@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.ac127f131da887e456a4ae227054fa33@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#28458: Stop resolving domains locally and check same flags for the 2nd hop
---------------------------+--------------------------------
 Reporter:  juga           |          Owner:  juga
     Type:  defect         |         Status:  needs_revision
 Priority:  Medium         |      Milestone:
Component:  Core Tor/sbws  |        Version:  sbws: 1.0.0
 Severity:  Normal         |     Resolution:
 Keywords:                 |  Actual Points:
Parent ID:                 |         Points:
 Reviewer:                 |        Sponsor:
---------------------------+--------------------------------

Comment (by juga):

 Replying to [comment:14 pastly]:
 [...]
 > Replying to [comment:10 juga]
 > >> Do we need to give it a 50% chance of being measured like a non-exit?
 > > i don't understand what you mean as "non-exit", all relays are
 measured as non-exits (1st hop), the exits are chosen independently for
 the 2nd hop.
 >
 > Right now when sbws measures an exit, it tries to measure it in the 2nd
 hop position (ignoring DNS failures etc. etc)
 >
 > With your changes, all relays (exits and non-exits) are measured in the
 1st hop position. Why?
 >

 It was confusing:
 - what `_pick_ideal_second_hop` is doing, it is actually not second hop
 what it picks, but a helper.
 - `is_exit`, it can be intepreted as what the relay to measure is, not as
 what the candidates must be.
 - the criteria used to pick the 2nd hop (see below).
 I'll change those names in other ticket, so i don't get confused again.


 > I think there's two changes that should be made as part of this ticket,
 and somehow that's exploded into a lot of little buggy revisions.


 Solution:
 When you feel like reviewing a ticket, put yourself as reviewer, otherwise
 i'll assume nobody is going to review the ticket.
 I won't put any ticket to `needs_review` unless it has a reviewer.
 If it doesn't have reviewer, i might do the refactors that help me to
 solve the ticket in the same branch (in different commits).
 If you'd like to continue to review this ticket, please put yourself as
 reviewer. If not, no need to read more.


 > 2. When picking an exit helper (for measuring a non-exit or for
 measuring an exit that can't exit to our destination port, *it doesn't
 matter*), be sure to check that its exit policy allows exiting to our
 destination port.

 So, you're saying:
 1. when the helper is in the 2nd hop, check the exit policy.

 But currently, you're only checking that it has the exit flag
 (https://gitweb.torproject.org/sbws.git/tree/sbws/core/scanner.py#n140)

 2. it doesn't matter that the relay does *not* allow to exit to our
 destination port or is not an exit

 I agree, but currently as result of the else, it has to do *not* have
 badexit flag and do *not* allow to exit to our destination port
 (https://gitweb.torproject.org/sbws.git/tree/sbws/core/scanner.py#n186)

 In the current code, why would you check the policy of an exit and the
 badexit flag when you use the relay to measure in the 2nd hop and only
 check the exit flag when the helper is in the 2nd position?

 I think we should check that it allows to exit to our destination port in
 all cases (and no need to check exit flag cause if it can exit, it's an
 exit).

 Would you stop checking that it has *not* the badexit flag?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28458#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #28458 [Core Tor/sbws]: Stop resolving domains locally and stop using non-exits as 2nd hop
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #28578 [Internal Services/Service - git]: @help-infra cleanup
Next by Author: Re: [tor-bugs] #28335 [Core Tor/Tor]: Make most periodic events turn themselves off when Tor is dormant, sleeping, etc.
Previous by thread: Re: [tor-bugs] #28458 [Core Tor/sbws]: Stop resolving domains locally and check same flags for the 2nd hop
Next by thread: Re: [tor-bugs] #28458 [Core Tor/sbws]: Stop resolving domains locally and check same flags for the 2nd hop
Index(es):
- Author
- Thread