Opened 7 months ago

Closed 8 weeks ago

#22349 closed defect (fixed)

dir auth attempts to fetch a descriptor every minute for every relay with mismatched rsa/ed key

Reported by: arma Owned by: nickm
Priority: Medium Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor Version: Tor: 0.3.0.7
Severity: Normal Keywords: 029-backport, 030-backport, tor-dirauth, review-group-20
Cc: Actual Points:
Parent ID: Points: .2
Reviewer: isis Sponsor:

Description

moria1's logs are full of stanzas like this:

May 23 17:57:11.242 [info] handle_response_fetch_desc(): Received server info (body size 8933) from server '154.35.175.225:80'
May 23 17:57:11.244 [info] router_load_routers_from_string(): 4 elements to add
May 23 17:57:11.244 [info] dirserv_router_get_status(): Descriptor from router $2F7A826CC5B7E6D834ECA25E236A1351D389D195~EchoBase at 85.212.41.58 has an Ed25519 key, but the <rsa,ed25519> keys don't match what they were before.
May 23 17:57:11.244 [info] router_load_routers_from_string(): Marking router D3F5ABDFB2F5AED2E3D6C95F270953DEB3FCBC93 as never downloadable
May 23 17:57:11.244 [info] dirserv_router_get_status(): Descriptor from router $878413A9DE5AC497A2A5F200DA163F12D503FD8D~torlink2 at 128.199.242.75 has an Ed25519 key, but the <rsa,ed25519> keys don't match what they were before.
May 23 17:57:11.244 [info] router_load_routers_from_string(): Marking router E3E7039714569018DBF9880D5C4799054F0CE59C as never downloadable
May 23 17:57:11.244 [info] dirserv_router_get_status(): Descriptor from router $B5C45F1FD0DFE044772ED1B34160F6CF49B267EC~e35 at 88.75.214.223 has an Ed25519 key, but the <rsa,ed25519> keys don't match what they were before.
May 23 17:57:11.244 [info] router_load_routers_from_string(): Marking router E95C042AA6EB02AB262568B869A4D014E79EBE9F as never downloadable
May 23 17:57:11.244 [info] dirserv_router_get_status(): Descriptor from router $F94A792CE808F8FE39C80AD17CB2D0802F7B9D90~Void at 95.54.95.153 has an Ed25519 key, but the <rsa,ed25519> keys don't match what they were before.
May 23 17:57:11.244 [info] router_load_routers_from_string(): Marking router D56C3F9C4627222890C0C49543370499AA2D7CD6 as never downloadable
May 23 17:57:11.261 [info] handle_response_fetch_desc(): Received 4/4 router descriptors requested from 154.35.175.225:80

In fact, check out this line:

May 23 17:59:11.167 [info] update_consensus_router_descriptor_downloads(): 16 router descriptors downloadable. 0 delayed; 7180 present (615 of those were in old_routers); 0 would_reject; 0 wouldnt_use; 0 in progress.

(The number '16' is the same number as in #22348.)

I have a new line, once per minute, for each relay whose keys I think are mismatched.

It looks like I am failing to actually mark the descriptor as undownloadable, or I am failing to stick with my decision once it was marked.

Child Tickets

Change History (12)

comment:1 Changed 7 months ago by teor

Keywords: 029-backport 030-backport added
Milestone: Tor: 0.3.1.x-final

I think this is something we should fix in 0.3.1, and then backport to 0.2.9.

comment:2 Changed 6 months ago by nickm

Keywords: tor-dirauth added
Owner: set to nickm
Status: newaccepted

comment:3 Changed 6 months ago by nickm

Points: .2

Here's an oniongit.eu merge request. Let's try it out! https://oniongit.eu/network/tor/merge_requests/1

This branch is also in bug22349_029 in my public repository.

comment:5 Changed 6 months ago by nickm

Status: acceptedneeds_review

comment:6 Changed 5 months ago by nickm

Keywords: review-group-20 added

Creating review-group-20

comment:7 Changed 5 months ago by isis

Reviewer: isis

comment:8 in reply to:  3 Changed 5 months ago by isis

Replying to nickm:

Here's an oniongit.eu merge request. Let's try it out! https://oniongit.eu/network/tor/merge_requests/1

This branch is also in bug22349_029 in my public repository.


I was very excite to review there, but then nothing was wrong with your patch, so there was nothing to comment on except an overall "LGTM"! Next time you should make your patch have bugs or be controversial in some way! ;)

comment:9 Changed 5 months ago by isis

Status: needs_reviewmerge_ready

comment:10 Changed 5 months ago by nickm

Milestone: Tor: 0.3.1.x-finalTor: 0.3.0.x-final

Merged in 0.3.1; marking for possible backport to 0.3.0 and 0.2.9 if nothing goes boom

comment:11 Changed 8 weeks ago by nickm

Milestone: Tor: 0.3.0.x-finalTor: 0.2.9.x-final

Merged to 0.2.9 and forward.

comment:12 Changed 8 weeks ago by nickm

Resolution: fixed
Status: merge_readyclosed
Note: See TracTickets for help on using tickets.