Opened 4 years ago

Closed 3 years ago

Last modified 3 years ago

#17150 closed defect (fixed)

Tor 0.2.7.3-rc: "Extrainfo digest did not match digest256 from routerdesc"

Reported by: toralf Owned by: nickm
Priority: Medium Milestone: Tor: 0.2.7.x-final
Component: Core Tor/Tor Version: Tor: 0.2.7
Severity: Normal Keywords: 027-backport
Cc: Actual Points: 0.3
Parent ID: Points: small
Reviewer: Sponsor:

Description

Installing tor the 2nd time in a row gives tons of these warnings :

Sep 24 23:00:53.000 [warn] router info incompatible with extra info (ri id: 000149E6EF7102AACA9690D6E8DD2932124B94AB, ei id 000149E6EF7102AACA9690D6E8DD2932124B94AB, reason: Extrainfo digest did not match digest256 from routerdesc)
...

Child Tickets

Change History (20)

comment:1 Changed 4 years ago by nickm

Milestone: Tor: 0.2.7.x-final

Hm. This should probably get downgraded if it's happening from cache. My guess would be that it happens when you already downloaded a bunch of new ris but haven't gotten the corresponding eis yet.

comment:2 Changed 4 years ago by nickm

Digest256 for extrainfo is new in 0.2.7 though. I wonder...

comment:3 Changed 4 years ago by nickm

I wonder if this code in routerparse.c could be wrong...

  crypto_digest256((char*)extrainfo->digest256, s, end-s, DIGEST_SHA256);

Maybe s is the wrong starting point or end is the wrong ending point...

comment:4 Changed 4 years ago by nickm

0b819a2a is where we started enforcing this, and that went into 0.2.7.2-alpha...

comment:5 Changed 4 years ago by nickm

Owner: set to nickm
Priority: normalmajor
Status: newaccepted

comment:6 Changed 4 years ago by nickm

Summary: re-installing tor.00.2.7.3 yields toTor 0.2.7.3-rc: "Extrainfo digest did not match digest256 from routerdesc"

comment:7 Changed 4 years ago by rl1987

Severity: Normal

I pushed one more commit to fix GCC warnings. Valgrind shows no memory issues.

comment:8 Changed 4 years ago by nickm

(I think that comment above was meant to go on another ticket, probably #16382)

comment:9 Changed 4 years ago by andrea

Milestone: Tor: 0.2.7.x-finalTor: 0.2.8.x-final

In backport pass for 0.2.7, and it doesn't look like this ticket ever got fixed. Reassigning to 0.2.8.x-final.

comment:10 Changed 4 years ago by nickm

Keywords: TorCoreTeam201605 added

These 0.2.8 items really should get handled in May. Or earlier.

comment:11 Changed 4 years ago by nickm

Calling all non-needs_information tickets for May.

comment:12 Changed 4 years ago by nickm

Keywords: 028-backport added
Points: small
Status: acceptedneeds_review

hey, there's a patch here.

comment:13 Changed 4 years ago by nickm

Keywords: TorCoreTeam201605 028-backport removed
Milestone: Tor: 0.2.8.x-finalTor: 0.2.???
Priority: HighMedium

wait, no there isn't. I think since the warning is already downgraded we can call this 0.2.???

comment:14 Changed 4 years ago by nickm

Status: needs_reviewnew

comment:15 Changed 3 years ago by nickm

#19017 is a duplicate, and suggests that this is not as fixed as we might hope.

comment:16 Changed 3 years ago by nickm

Actual Points: 0.3
Keywords: must-fix-before-028-rc added
Milestone: Tor: 0.2.???Tor: 0.2.8.x-final

comment:17 Changed 3 years ago by nickm

Keywords: 027-backport added
Status: newneeds_review

Please see my branch bug17150_027 for a possible fix (against 0.2.7) and an explanation of the bug.

My branch bug17150_027_extra has an extra fix on top of that branch which makes this error non-repeatable. I suggest that we don't take that extra fix into 0.2.7 (if we backport).

Note that in one of the commits (8acfac7375e7a0692193434704984d7eb507faf1) I chose to duplicate a field instead of moving it, to avoid conflicts with numerous dirauth fixes in 0.2.8 and beyond. The commit message discusses more.

comment:18 Changed 3 years ago by teor

Status: needs_reviewmerge_ready

The code in both of these branches looks good.
bug17150_027_extra passes the unit tests and make test-network-all.

Just one more thing that needs to be done:
"I should open another ticket about removing the field from routerinfo_t and extrainfo_t later on."

While I can see why we'd want to backport this to 0.2.7, is it a security bug?
Will weasel take it in the tor debian package?
If not, it's only worth backporting to 0.2.8.

comment:19 Changed 3 years ago by nickm

Keywords: must-fix-before-028-rc removed
Milestone: Tor: 0.2.8.x-finalTor: 0.2.7.x-final
Resolution: fixed
Status: merge_readyclosed

Merged to 0.2.8 and forward. Calling this a no-backport for 027.

comment:20 Changed 3 years ago by nickm

(I created the ticket above as #19073)

Note: See TracTickets for help on using tickets.