Opened 3 years ago

Last modified 6 months ago

#22204 assigned defect

I can't list a relay in my EntryNodes if it doesn't have the Guard flag

Reported by: arma Owned by:
Priority: High Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.3.0.6
Severity: Normal Keywords: regression, 032-unreached
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In the past, I could do

src/or/tor entrynodes moria1

and voila, I would begin using my Tor with moria1 as my entry node.

In the new world order, post prop#271 I assume, I instead get this complaint:

May 08 20:27:42.394 [warn] Your configuration excludes 100% of all possible guards. That's likely to make you stand out from the rest of the world.
May 08 20:27:42.394 [notice] Starting with guard context "restricted"
May 08 20:27:42.405 [notice] Bootstrapped 80%: Connecting to the Tor network
May 08 20:27:43.425 [warn] Failed to find node for hop 0 of our path. Discarding this circuit.

and then I never bootstrap.

This is clearly a regression. Is it intentional, and I should go read guard-spec.txt for why, or is it accidental?

Child Tickets

Change History (12)

comment:1 Changed 3 years ago by nickm

Keywords: 030-backport regression added
Milestone: Tor: 0.3.1.x-final

Not intentional, but wow, that's not the greatest idea.

comment:2 Changed 3 years ago by nickm

Owner: set to nickm
Status: newaccepted

comment:3 Changed 3 years ago by nickm

So, hm. This seemed easy to change, but I think it's actually a bit tricky. See, when somebody says "EntryNodes {de}", they probably should only get guard-flagged relays. But when somebody says "EntryNodes $fp1,$fp2" they probably want $fp1 and $fp2 whether they are guards or not.

One way we could resolve this is, if the EntryNodes line contains _only_ fingerprints, we build the {GUARDS} set from the EntryNodes directly. In this case we'd want to force use of the "restricted" set, or possible a new "enumerated" set.

But either way, this is more than a quick fix.

comment:4 Changed 3 years ago by acceleraTor

you may Want To Look into entrynodes.c around@
node_is_possible_guard
GS_TYPE_RESTRICTED

Last edited 3 years ago by acceleraTor (previous) (diff)

comment:5 Changed 3 years ago by arma

Another potentially helpful building block is how routerset_contains returns 4 in the case we care about here, and 2 for the {de} case.

comment:6 Changed 2 years ago by nickm

Milestone: Tor: 0.3.1.x-finalTor: 0.3.2.x-final

comment:7 Changed 2 years ago by nickm

Keywords: 032-unreached added
Milestone: Tor: 0.3.2.x-finalTor: unspecified

Mark a large number of tickets that I do not think we will do for 0.3.2.

comment:8 Changed 2 years ago by tmwu26

Status: acceptedneeds_revision

Having the same issues on latest verison of TBB.

comment:9 Changed 2 years ago by tmwu26

Priority: MediumHigh

comment:10 Changed 2 years ago by nickm

Status: needs_revisionnew

("needs_revision" is for tickets where there is a patch, but the patch needs to be changed.)

comment:11 Changed 22 months ago by nickm

Keywords: 030-backport removed

Remove 030-backport from all open tickets that have it: 0.3.0 is now deprecated.

comment:12 Changed 6 months ago by nickm

Owner: nickm deleted
Status: newassigned

I am not actually working on these tickets, so they shouldn't be assigned to me.

Note: See TracTickets for help on using tickets.