[tor-talk] Does #17772 affect entry or directory guard or both?

Roger Dingledine arma at mit.edu
Sat Dec 12 09:43:40 UTC 2015


On Sat, Dec 12, 2015 at 09:19:36AM +0000, nusenu wrote:
> The changelog is not entirely clear to me, first it says "major bug in
> *entry* guard selection" later it says "Actually look at the Guard flag
> when selecting a new *directory* guard".

Both.

In the default configuration, your client makes sure that it has at
least 1 entry guard to use for making its normal circuits, and at least
3 entry guards to use for fetching directory info.

On first boot, when you have no guards yet, the first thing your Tor does
is try to fetch directory info. At that point it selects 3 entry guards,
and goes about bootstrapping. When it's time to make a normal circuit,
it checks to see that it has at least 1 entry guard, and it does (it
has 3), so it is happy and continues.

The process of picking an entry guard to use as a directory guard (aka
"picking a directory guard") is a bit different than the process of
picking an entry guard to use for normal circuits, since you want to
make sure it has an open DirPort, it's a new enough version that it will
have answers to the directory questions you want to ask, etc. And the
bug was in the "picking a directory guard" piece.

--Roger



More information about the tor-talk mailing list