Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#3599 closed defect (fixed)

Microdescriptor policy comparison handles "unspec" incorrectly

Reported by: nickm Owned by:
Priority: High Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client
Cc: Actual Points:
Parent ID: #1748 Points:
Reviewer: Sponsor:

Description

If you start a microdesc client and wait a while, you'll start to see lots of "No exits can handle address [scrubbed]" messages.

This happens because the uint32_t value 0 is used in address policy comparison code to mean both the address 0.0.0.0 and "no address known". 0.0.0.0 is blocked by everybody, so compare_tor_addr_to_short_policy() says "reject" for everybody.

I'm not currently quite sure why it take so long for this to trigger.

Child Tickets

Change History (7)

comment:1 Changed 8 years ago by nickm

Parent ID: #1748
Status: newneeds_review

See branch node_policy_fix in my public repository. I've been reviewing and testing it, but it still needs more review and testing!

Though if nobody does that, perhaps I should just merge it and see who reports crashes.

comment:2 Changed 8 years ago by Sebastian

In my testing, this fixes the issue for regular tor connections. It breaks hidden services however: Making any hidden service request gave an immediate "Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later)." in the log. Using another Tor instance running in parallel from the same codebase without UseMicrodescriptors 1 set connects to those hidden services successfully.

comment:3 Changed 8 years ago by Sebastian

I should clarify that. Hidden service requests weren't working before either, so this is not a new issue. Maybe this should be handled in a new bug?

comment:4 Changed 8 years ago by Sebastian

For the actual review, the patches look fine. For additional testing, I didn't manage to make it break for regular traffic in my testing. Imo good to merge as it is clearly an improvement.

comment:5 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Great; merging this one. Sebastian; if you can open a new ticket for the hidden service issue, that would rock.

comment:6 Changed 7 years ago by nickm

Keywords: tor-client added

comment:7 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.