Opened 7 days ago

Last modified 7 hours ago

#32672 merge_ready task

Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

Reported by: teor Owned by: neel
Priority: Medium Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: 043-should, 041-backport, 042-backport, consider-backport-after-authority-test, fast-fix, network-health
Cc: dgoulet, gk, neel, arma Actual Points:
Parent ID: Points: 0.5
Reviewer: teor Sponsor:

Description

We should modify dirserv_rejects_tor_version() to keep it up to date with our supported versions:

  • After 1 January 2020, we should reject all versions less than 0.3.5.
  • After 2 February 2020, we should reject the 0.4.0 series, but allow the 0.3.5 series

https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases#Current

After these dates, we should get arma to test this change, then merge it.

After we merge, we should create a ticket in 0.4.4 to reject 0.4.1.

Child Tickets

Change History (16)

comment:1 Changed 7 days ago by arma

Cc: dgoulet gk added
Keywords: network-health added

dgoulet/gk/somebody, can you get us a set of currently running relays and contactinfos, maybe sorted like last time, so we can go through and contact these relays asap?

comment:2 Changed 7 days ago by teor

Nothing is broken on these relays, yet. But you're right, we should encourage them to upgrade. There are still ~650 relays on 0.2.9, and maybe 100 on 0.4.0.

comment:3 Changed 6 days ago by neel

Owner: set to neel
Status: newassigned

Assigning this to myself.

comment:4 Changed 6 days ago by neel

Status: assignedneeds_review

comment:5 Changed 6 days ago by neel

Cc: neel added

comment:6 Changed 6 days ago by teor

Keywords: teor-backlog removed
Reviewer: teor
Status: needs_reviewneeds_revision

Thanks, just a few fixes needed:

  1. fix a comment to explain what happened to 0.3.6.0-alpha-dev
  2. add tests for current releases
  3. work out if we want to reject 0.4.0 alphas and rcs. To do that, we need to check how many there are in the network.
  4. Rebase on 0.4.1, because we might backport this branch to 0.4.1

Once we've made these changes, we should email all the affected operators, and then test this patch on moria1. After we've done both those things, we can merge.

comment:7 Changed 6 days ago by neel

Status: needs_revisionneeds_review

Rebasing this branch over 0.4.1 doesn't make sense, as the tests are missing on that branch. However, I have a secondary PR for 0.4.1.

About blocking 0.4.1 alphas/rc, I would be against it unless there is a crippling bug on the 0.4.1 alphas/rc releases. For instance, 0.2.9.5-rc is allowed on the network because it "works" (may not be the most secure, but technically works), whereas 0.2.9.4 and below have a consensus bug.

The changes are posted to both the original PR based off master and the 0.4.1 PR here: https://github.com/torproject/tor/pull/1588

I don't know if two PRs will work for you, but here it is.

comment:8 in reply to:  7 Changed 3 days ago by teor

Status: needs_reviewneeds_information

Replying to neel:

About blocking 0.4.1 alphas/rc, I would be against it unless there is a crippling bug on the 0.4.1 alphas/rc releases. For instance, 0.2.9.5-rc is allowed on the network because it "works" (may not be the most secure, but technically works), whereas 0.2.9.4 and below have a consensus bug.

Yes, we decided to keep 0.2.9.5-rc, when we made a decision about 0.2.9.

But recently, when we made a decision about 0.3.5, we rejected unstable versions of 0.3.5 because those versions are not supported. (And there were not many relays on those versions.)
https://github.com/torproject/tor/pull/1588/files#diff-c535b81e06d7fed27d5d3cdaabf1c4b8R331

Unless there is some compelling reason to keep 0.4.0 unstable relays, we should encourage their operators to upgrade.

The changes are posted to both the original PR based off master and the 0.4.1 PR here: https://github.com/torproject/tor/pull/1588

I don't know if two PRs will work for you, but here it is.

We normally do backports with multiple PRs. Because of the way that git does merges, the best way to get a good merge is to do the common changes in one commit, and the extra changes for later versions in other commits. You won't need to do that here, this patch is small enough that we can resolve any merge conflicts ourselves.

To move forward with this ticket, we need to:

  • find out how many relays are on unstable 0.4.0 versions
  • decide if we want to reject those versions

comment:9 Changed 2 days ago by dgoulet

After 1 January 2020, we should reject all versions less than 0.3.5.

Latest consensus:

<= 0.3.5 series: 781 [w: 6.53%]

Distribution:

  16: 0.2.4             [0.02 %] (MAJOR)
  14: 0.2.5             [0.21 %] (MAJOR)
   2: 0.2.6             [0.00 %] (MAJOR)
   2: 0.2.7             [0.09 %] (MAJOR)
   2: 0.2.8             [0.00 %] (MAJOR)
 640: 0.2.9             [5.48 %] (MAJOR)
  12: 0.3.0             [0.00 %] (MAJOR)
   3: 0.3.1             [0.00 %] (MAJOR)
  23: 0.3.2             [0.15 %] (MAJOR)
   8: 0.3.3             [0.05 %] (MAJOR)
  59: 0.3.4             [0.54 %] (MAJOR)

find out how many relays are on unstable 0.4.0 versions

0.4.0 series: 520 [w: 11.23%]

Distribution:

   1: 0.4.0.0-alpha-dev [0.00 %] 
   2: 0.4.0.1-alpha     [0.08 %] 
   1: 0.4.0.1-alpha-dev [0.00 %] 
   3: 0.4.0.2-alpha     [0.19 %] 
   2: 0.4.0.3-alpha     [0.01 %] 
   1: 0.4.0.4-rc        [0.02 %] 
 509: 0.4.0.5           [10.89 %] 
   1: 0.4.0.6           [0.04 %] 

comment:10 Changed 2 days ago by teor

Thanks dgoulet, looks like we need to contact operators on 0.3.4 and earlier, and 0.4.0, particularly 0.2.9 and 0.4.0.5.

There was a typo in my last post, we are actually talking about rejecting unstable 0.4.1 versions, as well as all of 0.4.0.

How many relays are on 0.4.1 unstable?

comment:11 Changed 2 days ago by gk

It seems like 9 if I understand the output correctly:

   2: 0.4.1.2-alpha     [0.02 %] 
   5: 0.4.1.3-alpha     [0.07 %] 
   2: 0.4.1.4-rc        [0.00 %] 

comment:12 in reply to:  11 Changed 2 days ago by dgoulet

Replying to gk:

It seems like 9 if I understand the output correctly:

   2: 0.4.1.2-alpha     [0.02 %] 
   5: 0.4.1.3-alpha     [0.07 %] 
   2: 0.4.1.4-rc        [0.00 %] 

Correct. I see the same.

comment:13 Changed 43 hours ago by teor

Status: needs_informationneeds_revision

I think it is a good idea to exclude 9 relays, so we avoid any bugs in unstable 0.4.1 on the network.

Neel, please also reject 0.4.1.0-alpha-dev to 0.4.1.4-rc.

comment:14 Changed 30 hours ago by neel

Status: needs_revisionneeds_review

Made the changes and pushed them.

comment:15 Changed 18 hours ago by teor

Cc: arma added
Status: needs_reviewmerge_ready

Thanks, this looks good. Here's what we need to do now:

  1. email all the affected operators, and ask them to upgrade
  2. test this patch on moria1
  3. squash the fixup commits
  4. rebase the master patch to 0.4.2
  5. merge and merge forward:
  6. deploy to the other directory authorities

We can merge before testing, if that's helpful for arma.

comment:16 Changed 7 hours ago by dgoulet

I've compiled the list of relays that have a ContactInfo (might not be valid) that matches the version we are wanting to reject. Can be found here:

https://people.torproject.org/~dgoulet/volatile/ticket32672_contacts.txt

(Sorted by bandwidth weight)

Note: See TracTickets for help on using tickets.