#26300: Attempt by … to open a stream on first hop of circuit. Closing. --------------------------+------------------------------------ Reporter: teor | Owner: (none) Type: defect | Status: new Priority: Medium | Milestone: Tor: 0.3.4.x-final Component: Core Tor/Tor | Version: Tor: 0.3.3.6 Severity: Normal | Resolution: Keywords: fast-fix | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------+------------------------------------
Comment (by arma): One scenario where this could happen: that relay used to be a client or a bridge, so it made an unauthenticated connection to dgoulet's relay. Then it changed to becoming a relay, but it kept the original connection open. Then later somebody tried to extend through that connection, and dgoulet's relay freaked out because a request came from an unauthenticated channel. Suggested fix, option one: when we migrate from being a relay to a non- relay or back, we set the is_bad_for_new_circs flag on that channel, which will make us generate a new connection that authenticates the new way. Suggested fix, option two: when we're considering whether a given connection is suitable for the circuit we're trying to put on it, we check how we authenticated on that connection, and if we didn't authenticate using the way we want, that isn't an acceptable connection to use for handling that circuit. So in that scenario we'll end up launching a new connection, and authenticating it the way we want. I like option two because (a) it avoids the terrible situation where somebody toggles their tor to be a relay and not relay and relay and not relay and ... and they accumulate a growing set of connections, all with the is_bad_for_new_circs flag set. And Tim also had a reason for preferring option two. :) -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26300#comment:3> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs