Opened 9 years ago

Last modified 3 years ago

#4539 new enhancement

Make dir auths write to disk digests that don't match

Reported by: ln5 Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-dirauth auditability save dump
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


maatuska told me this the other day:

Nov 05 12:55:02.739 [warn] Unable to store signatures posted by Mismatched digest.

And Sebastian had the idea that we should teach directory authorities to save mismatched digests to disk so that we can investigate them.

But before that, there was this log entry:

Nov 05 12:55:02.737 [warn] http status 400 ("Mismatched digest.") response after uploading signatures to dirserver ''. Please correct.

This makes me think that this might not be some local trouble on
maatuska but perhaps related to the communication between the
authorities. Broken TCP connection perhaps?

Adding this option should be easy enough for it to be worth it even if
we'll only find half a digest there or something so I say let's do it.

BTW, #1890 saw quite a few mismatched digests too.

Child Tickets

#20625enhancementneeds_revisionWhen a consensus doesn't have enough signatures, write it (and sigs) to a file

Change History (6)

comment:1 Changed 9 years ago by arma

This situation happens when moria1 and maatuska end up with a different set of votes.

They create their view of the consensus, sign it, and send the signatures to each other.

Each of them then says "whatever that authority signed wasn't the consensus I hoped he would sign".

The 'different set of votes' situation can happen in edge conditions, e.g. gabelmoo used to publish its votes 2 minutes and 29 seconds late sometimes, which would mean some authorities got them in time and some didn't.

comment:2 Changed 9 years ago by nickm

Milestone: Tor: unspecified
Type: defectenhancement

comment:3 Changed 8 years ago by nickm

Keywords: tor-auth added

comment:4 Changed 8 years ago by nickm

Component: Tor Directory AuthorityTor

comment:5 Changed 3 years ago by dgoulet

Keywords: tor-dirauth added; tor-auth removed

Turns out that tor-auth is for directory authority so make it clearer with tor-dirauth

comment:6 Changed 3 years ago by nickm

Keywords: auditability save dump added
Severity: Normal

See also #4363.

Note: See TracTickets for help on using tickets.