Opened 7 months ago

Closed 7 months ago

#21586 closed defect (fixed)

Assertion my_rsa_cert failed in sr_generate_our_commit when BridgeAuthoritativeDir 1

Reported by: arma Owned by: asn
Priority: Medium Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor Version: Tor: 0.2.9.9
Severity: Normal Keywords: tor-sr
Cc: Actual Points:
Parent ID: Points:
Reviewer: dgoulet Sponsor:

Description

Running Tor 0.2.9.9:

$ src/or/tor BridgeAuthoritativeDir 1
Mar 01 01:09:03.633 [notice] Tor 0.2.9.9 (git-56788a2489127072) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8.
Mar 01 01:09:03.634 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Mar 01 01:09:03.634 [notice] Read configuration file "/usr/local/etc/tor/torrc".
Mar 01 01:09:03.638 [warn] ControlPort is open, but no authentication method has been configured.  This means that any program on your computer can reconfigure your Tor.  That's bad!  You should upgrade your Tor controller as soon as possible.
Mar 01 01:09:03.639 [notice] Opening Socks listener on 127.0.0.1:9050
Mar 01 01:09:03.639 [notice] Opening Control listener on 127.0.0.1:9051
Mar 01 01:09:03.639 [notice] Opening Control listener on /home/arma/.tor/control
Mar 01 01:09:03.639 [warn] Your log may contain sensitive information - you disabled SafeLogging, and you're logging more than "notice". Don't log unless it serves an important reason. Overwrite the log afterwards.
Mar 01 01:09:03.647 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now.
Mar 01 01:09:03.715 [notice] Bootstrapped 0%: Starting
Mar 01 01:09:04.220 [notice] Bootstrapped 80%: Connecting to the Tor network
Mar 01 01:09:04.220 [err] tor_assertion_failed_(): Bug: src/or/shared_random.c:908: sr_generate_our_commit: Assertion my_rsa_cert failed; aborting. (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug: Assertion my_rsa_cert failed in sr_generate_our_commit at src/or/shared_random.c:908. Stack trace: (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(log_backtrace+0x42) [0x7f6fab7a1442] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(tor_assertion_failed_+0x8c) [0x7f6fab7b917c] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(sr_generate_our_commit+0x2ce) [0x7f6fab6b251e] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(sr_state_update+0x239) [0x7f6fab6b4e49] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(sr_state_init+0x8c) [0x7f6fab6b531c] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(do_main_loop+0x486) [0x7f6fab69ea16] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(tor_main+0x1c25) [0x7f6fab6a1ee5] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(main+0x19) [0x7f6fab69a179] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f6fa9c8db45] (on Tor 0.2.9.9 56788a2489127072)
Mar 01 01:09:04.221 [err] Bug:     src/or/tor(+0x401c9) [0x7f6fab69a1c9] (on Tor 0.2.9.9 56788a2489127072)
Aborted

Probably we want to handle this weird error case more gracefully.

Pointed out by a user on #tor who seemed to be confused and enabling all sorts of config options.

Child Tickets

Change History (4)

comment:1 Changed 7 months ago by dgoulet

Keywords: tor-sr added
Milestone: Tor: 0.3.1.x-final
Owner: set to asn
Status: newassigned

comment:2 Changed 7 months ago by asn

Status: assignedneeds_review

The bug here is that we were using authdir_mode_publishes_statuses() to decide whether to initialize the SR subsystem or not. The problem is that that function would also return True if we are BridgeAuthoritativeDir which is something we don't want.

Please see fix in my bug21586 branch. It's as simple as:

/* Setup shared random protocol subsystem. */
-  if (authdir_mode_publishes_statuses(get_options())) {
+  if (authdir_mode_v3(get_options())) {
     if (sr_init(1) < 0) {
       return -1;
     }

Let's keep this bug for 0.3.1; it's not critical enough for 0.3.0 IMO.

comment:3 Changed 7 months ago by dgoulet

Reviewer: dgoulet
Status: needs_reviewmerge_ready

lgtm;

comment:4 Changed 7 months ago by nickm

Resolution: fixed
Status: merge_readyclosed

merged in master

Note: See TracTickets for help on using tickets.