#18963: Download authority certificates even under blackholed authorities or fallbacks -------------------------------------------------+------------------------- Reporter: teor | Owner: Type: defect | Status: Priority: Medium | needs_review Component: Core Tor/Tor | Milestone: Tor: Severity: Normal | 0.2.8.x-final Keywords: must-fix-before-028-rc, | Version: Tor: 029-proposed | 0.2.8.1-alpha Parent ID: #18816 | Resolution: Reviewer: | Actual Points: | Points: small | Sponsor: -------------------------------------------------+------------------------- Changes (by teor):
* status: needs_revision => needs_review Comment: Replying to [comment:6 nickm]: > Shadowing bug: > {{{ > + /* Look up the routerstatus for the dir_hint */ > + const routerstatus_t *rs = NULL; > + > + if (dir_hint) { > + /* First try the consensus routerstatus, then the fallback > + * routerstatus */ > + const routerstatus_t *rs = router_get_consensus_status_by_id(dir_hint); > }}} > > That inner declaration of rs shouldn't be a declaration. NM1: We should turn on -Wshadow or something :-) 67662ec fixup! Fetch certificates from the same directory as the consensus > > Other than that, looks good. One thing I would like to make sure I understand, though: what is it that makes us -not- retry the same directory server forever here? Is it the fact that if that server at some point refuses to give us a certificate we asked for, we will then try to download it with dir_hint set to NULL? Yes, the logic is as follows: * when we successfully download a consensus, and we need certificates to validate it, download certificates from the same directory * as long as there are no failures when downloading certificates, and we keep getting at least one new authority certificate, download other certificates from the same directory * otherwise, try a random directory Added a comment explaining that in: 67662ec fixup! Fetch certificates from the same directory as the consensus Don't retry the same source_dir if any certificate is bad: a6c2bcd fixup! Fetch certificates from the same directory as previous certificates Only retry the same source_dir as long as it delivers at least one authority certificate: dafbf46 fixup! fixup! Fetch certificates from the same directory as previous certificates -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18963#comment:7> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs