[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #2991 [Tor]: Confusing log messages when a DA starts using a new key

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #2991 [Tor]: Confusing log messages when a DA starts using a new key
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Wed, 17 Oct 2012 02:30:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 16 Oct 2012 22:30:29 -0400
In-reply-to: <047.b9ede633d53da436e312f478aaa31c44@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.b9ede633d53da436e312f478aaa31c44@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2991: Confusing log messages when a DA starts using a new key
------------------------+---------------------------------------------------
 Reporter:  rransom     |          Owner:                  
     Type:  defect      |         Status:  new             
 Priority:  normal      |      Milestone:  Tor: unspecified
Component:  Tor         |        Version:                  
 Keywords:  tor-client  |         Parent:                  
   Points:              |   Actualpoints:                  
------------------------+---------------------------------------------------

Comment(by sysrqb):

 Based on the two messages, at the time maatuska's:
   a) newest key was not in the trusted_dir_certs table
   b) trusted_dir_certs contained its most-current descriptor (?)

 Assumption:
 a) maatuska called authority_certs_fetch_missing which resulted it in
 checking if it had a certificate for each of the signatures on the status.
 It didn't have a cert for itself (with the correct sig) stored in its
 digestmap, so it launched the request.

 b) when the request came in, already_have_cert was called to ensure it
 wasn't a duplicate. already_have_cert takes the cert and compares its
 cache_info.signed_descriptor_digest with the
 cache_info.signed_descriptor_digest for every cert that's stored in
 trusted_dir_certs.

 So, assuming (a) and (b) are reasonably well founded, is there a reason
 the two checks are comparing different digests? I understand that (b) is
 more comprehensive/accurate but the descriptor digest doesn't include the
 DA's signing key, does it? Because if not then the descriptor digest
 wouldn't change when the signing key changed, if I understand what's
 contained in the descriptor correctly.

 Also, based on the above and the assumption there is a connection to #5595
 (which seems likely), the discrepancy between the two comparisons would
 lead to the repeated downloading of the certificate until the new cert was
 actually added to the digestmap.

 I'll keep digging and please correct me where I am wrong.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2991#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #7128 [TorBrowserButton]: Tor Browser crashes when clicking on link
Next by Author: Re: [tor-bugs] #7127 [EFF-HTTPS Everywhere]: Youtube live streaming broken
Previous by thread: Re: [tor-bugs] #7128 [TorBrowserButton]: Tor Browser crashes when clicking on link
Next by thread: Re: [tor-bugs] #2991 [Tor]: Confusing log messages when a DA starts using a new key
Index(es):
- Author
- Thread