[tor-bugs] #16387 [Core Tor/Tor]: Improve reachability of hidden services on mobile phones

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jun 23 20:37:16 UTC 2016


#16387: Improve reachability of hidden services on mobile phones
--------------------------+------------------------------
 Reporter:  asn           |          Owner:
     Type:  enhancement   |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.2.???
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  tor-hs        |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:  SponsorR-can
--------------------------+------------------------------

Comment (by timonh):

 I reran the test switching from wifi to mobile network on android. Looking
 at the log it seems that Tor retries on the intro points once but then
 decides to try other ones.
 See attachment torlog2.
 I'm using Tor 0.2.8 so
 [https://trac.torproject.org/projects/tor/ticket/8239 #8239] should be
 fixed and Tor should retry each intro point three times.

 Looking at the code (rend_consider_services_intro_points() in
 rendservice.c) the intro points to retry are determined by a call to
 remove_invalid_intro_points(). Then Tor will try to establish a circuit to
 them. But after that Tor will try other intro points if there aren't
 enough yet. So if the retry points fail Tor will choose other ones.
 The code to retry an introduction point three times is contained in
 remove_invalid_intro_points() using MAX_INTRO_POINT_CIRCUIT_RETRIES.
 So subsequent calls to remove_invalid_intro_points() will return an
 introduction point to retry up to three times.
 But a single call to rend_consider_services_intro_points() will only retry
 each introduction point once and then try others.
 Is this intended behavior?

 Replying to [comment:7 timonh]:
 > Another problem here is that a client, that has an old descriptor of a
 HS that chose new intro points and published a new descriptor in the
 meantime will try to reach the old intro points for a long time before
 trying to fetch the descriptor again. The old intro points don't notice
 that the circuit to the HS is broken because of the long TCP timeout.
 Therefore they acknowledge the RELAY_COMMAND_INTRODUCE1 cells of the
 client.

 Regarding this issue the idea came up that an intro point could wait for a
 INTRODUCE2_ACK from the HS before sending a INTRODUCE_ACK to the client.
 Then a client would notice that the HS didn't receive the
 RELAY_COMMAND_INTRODUCE2 cell using a timeout and wouldn't wait at the
 rendezvous point for a long time.
 I'm not sure which other implications the change would have.
 Another possibility would be to close ready rendezvous points earlier
 using a timeout and than fetch the descriptor again.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16387#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list