Opened 10 months ago

Closed 9 months ago

#24581 closed defect (implemented)

Don't crash when restarting Tor in the same process

Reported by: nickm Owned by: nickm
Priority: Medium Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-mobile, s8-api, review-group-28
Cc: darkk, brade, mcs, ahf, nickm, mike@…, arthuredelstein Actual Points:
Parent ID: #23847 Points:
Reviewer: catalyst Sponsor: Sponsor8-must

Description

This is the most basic part of #23847 -- we want to restart in the same process without crashing immediately.

Child Tickets

Change History (6)

comment:1 Changed 10 months ago by nickm

Status: assignedneeds_review

I have this working in a branch restart_nocrash. Most of the work here was in #24337; this is just some additionl cleanup.

Note that this is NOT a complete fix for the parent bug: it's just a fix for the crashing part. I was, however, enable to use a socks port after restarting in-process, so that's something.

comment:2 Changed 10 months ago by nickm

Keywords: review-group-28 added

comment:3 Changed 9 months ago by catalyst

Reviewer: catalyst

comment:4 Changed 9 months ago by catalyst

The changes look good to me. If this fix allows restarting in the same process where we didn't before, does restarting cause anything dangerous to happen with OpenSSL, like PRNG state? Maybe we could document that there might be some security risks with restarting until we track them down.

comment:5 Changed 9 months ago by nickm

good idea. I'll add a note about possible security issues, and merge, if that's okay with you. I'll look at PRNG in particular. Can you help me brainstorm other things to check for?

comment:6 Changed 9 months ago by nickm

Resolution: implemented
Status: needs_reviewclosed

merged to master, with an extra commit for openssl as 42751e2123f6dcc87f3992d38c1889f7da981a7b. The PRNG wasn't being left unseeded or anything, but we _were_ failing to re-seed on restart.

Note: See TracTickets for help on using tickets.