[tor-reports] Core Tor august work for sponsor U report

isabela at riseup.net isabela at riseup.net
Fri Oct 7 18:37:15 UTC 2016


Core Tor August 2016 report

anti-DoS work:

#8625 [1] Do not call networkstatus_reset_download_failures() hourly

    This problem was actually reported 4 years ago. It was found while searching about a bug reported in our consensus process.

    We identified that once an hour, we call router_reset_descriptor_download_failures, which calls networkstatus_reset_download_failures().

    Our download logic has a way to say "Try this once an hour": that's by having a download schedule with a one-hour interval. What this does is make us retry several times an hour, as if we had never failed before.

    When early this year we worked on #4483, we made consensus downloads more reliable by opening more connections. These extra connections made this issue more important to fix so we decided to pick it up as well.

    The work to fix it ended up being quite easy and what took longer was to actually test the fix. But we managed to do it as well, more information about the tests are on comments at the ticket for this issue.


#18640 [2] Use smarter algorithms to handle socket exhaustion

    This work aims to protect against a possible attack that could use socket exhaustion to create a DoS.

    Sockets probably account for most of the descriptor use in a running Tor process, but we should make the maximum socket count a little lower than the maximum number of descriptors so they can't block us from opening files.

    We created a basic plumbing to implement a MaxSockets config option and a stub connection_handle_oos() function called in the appropriate places. We also applied a simple sort heuristic to decide which connections are least harmful to kill analogous to OOM handling.


Improved public identity keys for Tor relays:

    We did a lot of work related to Proposal 220 [3] work, which is related to migrating server identity keys to Ed25519.

    * https://trac.torproject.org/projects/tor/ticket/13752
    * https://trac.torproject.org/projects/tor/ticket/19155
    * https://trac.torproject.org/projects/tor/ticket/19156
    * https://trac.torproject.org/projects/tor/ticket/19157
    * https://trac.torproject.org/projects/tor/ticket/19158
    * https://trac.torproject.org/projects/tor/ticket/19160

Miscellaneous, related to improved public identity keys:

#15087 [4]     Small patch to give consistent behavior to how our certificate API checks expiration date. 


[1] https://trac.torproject.org/projects/tor/ticket/8625    
[2] https://trac.torproject.org/projects/tor/ticket/18640
[3] https://github.com/torproject/torspec/blob/master/proposals/220-ecc-id-keys.txt
[ ] https://trac.torproject.org/projects/tor/ticket/15087


More information about the tor-reports mailing list