Opened 8 years ago

Closed 8 years ago

#2472 closed defect (not a bug)

Find out if BridgeDB stores more than 1 IP address per bridge fingerprint

Reported by: karsten Owned by: kaner
Priority: Medium Milestone:
Component: Circumvention/BridgeDB Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When sanitizing the bridge pool assignments for #2372, I noticed that the BridgeDB logs mention some bridge fingerprints more than once with changing IP addresses. Here is an example:

Sep 29 08:07:15 [DEBUG] Leaving bridge --.--.--.138:443 -----------------------------------bc654 unallocated
Sep 29 08:07:16 [DEBUG] Leaving bridge --.--.--.138:443 -----------------------------------bc654 unallocated
Sep 29 08:07:16 [DEBUG] Leaving bridge --.--.--.138:443 -----------------------------------bc654 unallocated
Sep 29 08:07:17 [DEBUG] Leaving bridge --.--.---.34:443 -----------------------------------bc654 unallocated
Sep 29 08:07:17 [DEBUG] Leaving bridge --.--.---.34:443 -----------------------------------bc654 unallocated
Sep 29 08:07:17 [DEBUG] Leaving bridge --.--.---.34:443 -----------------------------------bc654 unallocated
Sep 29 08:07:18 [DEBUG] Leaving bridge ---.--.---.219:443 -----------------------------------bc654 unallocated

Sep 29 08:07:12 [DEBUG] Adding bridge ---.---.--.3:443 -----------------------------------d80ca to email ring
Sep 29 08:07:16 [DEBUG] Adding bridge --.---.--.31:443 -----------------------------------d80ca to email ring
Sep 29 08:07:16 [DEBUG] Adding bridge --.---.--.31:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.238:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.238:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.253:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.253:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.54:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge --.---.--.17:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.167:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.148:443 -----------------------------------d80ca to email ring
Sep 29 08:07:17 [DEBUG] Adding bridge ---.---.--.37:443 -----------------------------------d80ca to email ring
Sep 29 08:07:18 [DEBUG] Adding bridge ---.---.--.37:443 -----------------------------------d80ca to email ring
Sep 29 08:07:18 [DEBUG] Adding bridge --.---.--.117:443 -----------------------------------d80ca to email ring
Sep 29 08:07:18 [DEBUG] Adding bridge ---.---.--.26:443 -----------------------------------d80ca to email ring
Sep 29 08:07:18 [DEBUG] Adding bridge --.---.--.91:443 -----------------------------------d80ca to email ring
Sep 29 08:07:18 [DEBUG] Adding bridge ---.---.--.225:443 -----------------------------------d80ca to email ring
Sep 29 08:07:18 [DEBUG] Adding bridge ---.---.--.3:443 -----------------------------------d80ca to email ring
Sep 29 08:07:19 [DEBUG] Adding bridge ---.---.--.235:443 -----------------------------------d80ca to email ring

I didn't find a case when a bridge was added to different rings, but I didn't look closely. I wonder if this affects giving out bridges in some way, either by giving out a bridge's old IP address or by giving out a bridge more often than others.

Child Tickets

Change History (2)

comment:1 Changed 8 years ago by arma

Sounds like bridgedb could be reading in the cached-descriptors* files. I would expect those cache files to have the current descriptor as well as the previous descriptor for a given bridge. I wonder then if bridgedb is also reading in the cached-consensus file, and if so, what it's believing.

More generally, it sure would be good to make progress on #1606.

comment:2 Changed 8 years ago by karsten

Resolution: not a bug
Status: newclosed

It looks like you're right. I ran my own instance of BridgeDB locally, and it tells me the correct number of bridges, that is, without duplicates.

And yes, I think BridgeDB is also reading in the networkstatus-briges file to determine the Stable flag. Whether it's giving out the last published descriptor or the one that is referenced from the network status? I'd guess the latter, but I don't know.

Note: See TracTickets for help on using tickets.