Opened 9 months ago

Last modified 4 months ago

#23605 new defect

BOOTSTRAP PROGRESS=80 is a lie

Reported by: catalyst Owned by:
Priority: High Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: bootstrap clock-skew tor-guard usability ux s8-errors
Cc: iry, brade, mcs Actual Points:
Parent ID: #22266 Points:
Reviewer: Sponsor: Sponsor8-can

Description

Tor can report BOOTSTRAP_STATUS_CONN_OR (PROGRESS=80, "Connecting to the Tor network") when it actually can do no such thing. In some situations (e.g., clock skew) this causes progress to get stuck at 80% indefinitely, resulting in very poor user experience.

Right now update_router_have_minimum_dir_info() reports the BOOTSTRAP_STATUS_CONN_OR event if there's a "reasonably live" consensus and enough descriptors downloaded. A client with a clock skewed several hours into the future can get stalled here indefinitely due to inability to select a guard: if the client's clock is skewed, it will never have a live consensus. (Guard selection seems to require a non-expired consensus, rather than a reasonably live consensus at least during bootstrap.)

We should either relax the guard selection consensus liveness requirement, or avoid reporting BOOTSTRAP_STATUS_CONN_OR when we have no reasonable chance of actually connecting to a guard for building application circuits.

Arguably we shouldn't start downloading descriptors until we have a non-expired consensus either, because that gets represented as a considerable chunk of the progress bar (40%->80%) in a way that could be misleading to a user. Making that change without additional work would cause bootstrap to get stuck at 40% instead of 80%, which might be an improvement. This can already happen if the client's clock is skewed several hours in the past.

Child Tickets

Change History (6)

comment:1 Changed 9 months ago by iry

Cc: iry added

comment:2 in reply to:  description Changed 9 months ago by arma

Replying to catalyst:

Arguably we shouldn't start downloading descriptors until we have a non-expired consensus either, because that gets represented as a considerable chunk of the progress bar (40%->80%) in a way that could be misleading to a user.

This is a really important thing to do, for the reason you describe but also for the even bigger reason that we're wasting bandwidth on fetching directory stuff that we will then probably not use -- which is an especially big deal on low-bandwidth clients. This is ticket #2878.

comment:3 Changed 9 months ago by catalyst

Sponsor: Sponsor8-can

comment:4 Changed 9 months ago by mcs

Cc: brade mcs added

comment:5 Changed 7 months ago by catalyst

Keywords: s8-errors added

comment:6 Changed 4 months ago by catalyst

Milestone: Tor: 0.3.3.x-finalTor: unspecified
Note: See TracTickets for help on using tickets.