Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#5231 closed defect (fixed)

Sometimes Tor makes very long (=many hops) circuits

Reported by: Sebastian Owned by:
Priority: Medium Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

This can happen when we cannibalize a circuit which has already been cannibalized. Wanoskarnet contributed a patch that prevents this by making sure not to cannibalize circuits that are longer than three hops already. I believe the change does make sense, as we don't really want to build any super long circuits anyway.

I'm targetting this as a bugfix on the 0.2.3 release, I don't think we need to backport it to 0.2.2.x. Please make sure this makes sense to you, too.

Child Tickets

Change History (8)

comment:1 Changed 8 years ago by Sebastian

Status: newneeds_review

branch bug5231 in my repo.

comment:2 Changed 8 years ago by Sebastian

wanoskarnet had more to say:

> not only alredy cannibilized, but already reserved (dotexit if enabled, predefined extend info for dir purpose and built without reextend, exit enclaving). else you could just use 'has_opened' flag.
> if you count !has_opened (circuit which has already been cannibalized) then your circuit can be 5 hops in len. If you count 3hops circs only then no more than 4 (general et al).
> trac ticket does confusion. branch is correct.
> part about 'has_opened' flag seems like bs. all another is correct.

comment:3 Changed 8 years ago by nickm

The patch seems reasonable, I think.

If I understand wanoskarnet's comments above correctly, I think he's saying: "Extra-long circuits can happen not only if we cannibalize an already-cannibalized circuit, but also if we cannibalize a circuit that was already 4 hops for some other reason, such as having a fixed exit or something like that."

Oh, what about bridge users? Their circuits are already an extra hop long, right?

comment:4 in reply to:  3 Changed 8 years ago by Sebastian

Replying to nickm:

The patch seems reasonable, I think.

Agreed.

If I understand wanoskarnet's comments above correctly, I think he's saying: "Extra-long circuits can happen not only if we cannibalize an already-cannibalized circuit, but also if we cannibalize a circuit that was already 4 hops for some other reason, such as having a fixed exit or something like that."

That's how I understand it, too.

Oh, what about bridge users? Their circuits are already an extra hop long, right?

We never implemented it that way, did we? Even with the bridges putting circuits through their own guards design (which we haven't done yet either), the bridge using client would still only think it's a three-hop circuit.

comment:5 Changed 8 years ago by arma

patch looks fine to me

comment:6 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Okay, merged. Thanks to everyone!

comment:7 Changed 7 years ago by nickm

Keywords: tor-client added

comment:8 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.