[tor-bugs] #27841 [Core Tor/Tor]: Close intro circuit after introduction has been completed
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Oct 19 11:42:34 UTC 2018
#27841: Close intro circuit after introduction has been completed
--------------------------+----------------------------------
Reporter: asn | Owner: neel
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs dos | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+----------------------------------
Changes (by asn):
* status: needs_information => new
Comment:
Replying to [comment:7 dgoulet]:
> Yes client side we are fine. I think this ticket was more on the
> introduction point side?
>
> Now I just realized something that is maybe bad in v3 (not in v2).
>
> See `handle_introduce1()` (hs_intropoint.c). Notice at the end that we
> only close the circuit if we send a NACK but not an ACK. Actually, it
> should be the opposite! The reason is that if you ACK, then the client
> will close that circuit, so instead of waiting for another round trip for
> the DESTROY cell, the IP can just send it after the ACK and the client
> will likely close it much faster.
>
> Now, why shouldn't we close with a NACK? Because, in case of a NACK, the
> client will use the same circuit to re-extend to a new IP. If the current
> IP is closing the circuits, that re-extend is most likely failing... So
> the whole "reextend on NACK" optimization is rendered useless by closing
> the circuit on NACK on the intro side.
>
> To summarize (all of this intro point side):
>
> * Close circuit on ACK
> * Keep circuit on NACK.
>
> Thoughts?
Hm, that's interesting.
I think your suggestion makes sense!
However, I think it would be great if, after we write this patch, we also
test that this "reextend on NACK" optimization works as intended.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27841#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online