Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#19973 closed defect (fixed)

ReachableAddresses applied too broadly

Reported by: nickm Owned by:
Priority: High Milestone: Tor: 0.2.8.x-final
Component: Core Tor/Tor Version: Tor:
Severity: Major Keywords: regression path TorCoreTeam201608
Cc: teor Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


The ReachableAddresses filter should only apply when picking a first node. But in 268608c in #17840 , it began to apply to the whole path.

This is bad for path selection, in proportion to the restrictiveness of your ReachableAddresses filter. It's probably not a hard break, but it's important to fix.

Teor found this issue and wrote a patch for it. It should go into an 028 release.

Child Tickets

Change History (6)

comment:1 Changed 4 years ago by nickm

My sample_path branch is supposed to help test this kind of thing.

comment:2 Changed 4 years ago by nickm

Status: newneeds_review

Teor's branch is in my public repository now as bug19973_028.

I hand-confirmed that this bug exists, and that this branch has the intended effect, by using ReachableAddresses to restrict myself to a class A network, and then using "GETINFO circuit-status" to see what paths were built.

comment:3 Changed 4 years ago by nickm

I believe that the patch is correct.

comment:4 Changed 4 years ago by dgoulet


I confirm also that I was able to reproduce nickm's experiment as well with the patch and confirm that the bug exists without it although Exit node picking doesn't seem to be affected but Guard and Middle are all strictly picked from the A network (ReachableAddresses filter).

comment:5 Changed 4 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Thanks also for testing here. I've merged this to maint-0.2.8 and forwards.

comment:6 Changed 4 years ago by nickm

Keywords: TorCoreTeam201608 added
Note: See TracTickets for help on using tickets.