[tor-bugs] #17668 [Tor]: moria1, with updated v3 cert: Bug: Generated a networkstatus consensus we couldn't parse.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 29 02:02:46 UTC 2015
#17668: moria1, with updated v3 cert: Bug: Generated a networkstatus consensus we
couldn't parse.
---------------------+------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: High | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Severity: Blocker | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
---------------------+------------------------------------
Comment (by Sebastian):
Ok, I think I found a few bugs (some might be different tickets, some
might be this thing):
- In the key-pinning-journal file, we accumulate duplicates over time as
relays switch back and forth between two different ed25519 keys with the
same rsa key. This has both the issue of exhausting dirauth disk space as
well as making the involved data structure slow, if it happens a lot. We
should prune duplicates when updating our latest view on a relay's
identity mapping.
- We're creating a vote that is invalid, but try to make a consensus
anyway like nothing's wrong. Then we fail doing that as described above.
- When a relay changes its RSA key, we'll include it in our vote twice. If
both RSA keys map to the same ed25519 key, this bug triggers. So far we
just never noticed that this is happening because we never cared that two
things are on the same IP:port combination.
- When we log unparseable desc stuff for our vote, we proceed to overwrite
it with the invalid consensus we produced. The vote gets logged at log
level notice, but only in truncated form not allowing one to analyze this
bug.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17668#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list