nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 04:13:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
mirror repository of the tor core protocol in case of issues
23,528 Commits 53 Branches 630 Tags 128 MiB
C 94.4%
Python 1.5%
C++ 1.1%
Shell 1.1%
M4 0.9%
Other 0.8%
92139b0077
Go to file
Nick Mathewson 92139b0077 Fix a lovely heisenbug in rend_cache/store_v2_desc_as_client 
Act I.

    "                    But that I am forbid
     To tell the secrets of my prison-house,
     I could a tale unfold..."

Here's the bug: sometimes, rend_cache/store_v2_desc_as_client would
say:

"Dec 15 08:31:26.147 [warn] rend_cache_store_v2_desc_as_client():
   Bug: Couldn't decode base32 [scrubbed] for descriptor id. (on Tor
   0.3.0.0-alpha-dev 4098bfa260)"

When we merged ade5005853 back in 0.2.8.1-alpha, we added that
test: it mangles the hidden service ID for a hidden service, and
ensures that when the descriptor ID doesn't match the descriptor's
key, we don't store the descriptor.

How did it mangle the descriptor ID?  By doing
     desc_id_base32[0]++;

So, if the hidden service ID started with z or 7, we'd wind up with an
invalid base32 string, and get the warning.  And if it started with
any other character, we wouldn't.

That there is part 1 of the bug: in 2/32 cases, we'd get a BUG
warning.  But we wouldn't display it, since warnings weren't shown
from the unit tests.

Act II.

    "Our indiscretion sometime serves us well,
     When our deep plots do pall"

Part two: in 0.2.9.3-alpha, for part of #19999, we turned on BUG
warnings in the unit tests, so that we'd actually start seeing them.
At this point we also began to consider each BUG warning that made
it through the unit tests to be an actual bug.  So before this
point, we wouldn't actually notice anything happening in those 2/32
cases.

So, at this point it was a nice random _visible_ bug.

Act III.

   "Our thoughts are ours, their ends none of our own"

In acbb60cd63, which was part of my prop220 work, I
changed how RSA key generation worked in the unit tests.  While
previously we'd use pre-made RSA keys in some cases, this change
made us use a set of pregenerated RSA keys for _all_ 1024 or 2048
keys, and to return them in a rotation when Tor tried to generate a
key.

And now we had the heisenbug: anything that affected the number of
pregenerated keys that we had yielded before reaching
rend_cache/store_v2_desc_as_client would make us return a different
key, which would give us a different base32 ID, which would make the
bug occur, or not.  So as we added or removed test cases, the bug
might or might not happen.

So yeah.  Don't mangle a base32 ID like that.  Do it this way instead.
2016-12-15 08:42:03 -05:00
changes Merge branch 'dgoulet_ticket19043_030_03_squashed' 2016-12-14 15:28:28 -05:00
contrib Bump version 0.2.9.7-rc 2016-12-11 21:39:50 -05:00
doc Remove AuthDirMaxServersPerAuthAddr 2016-12-13 13:09:27 -05:00
m4 Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS 2016-06-17 10:17:44 -04:00
scripts Update to trunnel 1.5.1 2016-12-08 16:59:25 -05:00
src Fix a lovely heisenbug in rend_cache/store_v2_desc_as_client 2016-12-15 08:42:03 -05:00
.gitignore Add TAGS to gitignore. 2016-10-03 14:08:50 -04:00
acinclude.m4 Resolve some warnings from OSX clang. 2016-06-11 10:11:53 -04:00
autogen.sh Use a nicely written autoconf macro to determine the sign of a type 2013-02-07 16:23:48 -05:00
ChangeLog forward-port the 0.2.9.7-rc changelog 2016-12-12 08:26:36 -05:00
configure.ac Merge branch 'maint-0.2.9' 2016-12-11 22:23:31 -05:00
Doxyfile.in doxygen says these options are obsolete 2016-10-24 10:31:05 -04:00
INSTALL Small fixes for the 2702 implementation 2011-04-02 12:15:08 +02:00
LICENSE Add __mulodi4 source to src/ext 2016-05-18 09:44:01 -04:00
Makefile.am Teach 'make tags' about MOCK_IMPL. 2016-10-03 13:58:09 -04:00
Makefile.nmake Clean up the MVSC nmake files so they work again. 2014-09-09 10:27:05 -04:00
README Move hacking documentation into a new subdirectory. 2015-10-09 10:40:53 -04:00
ReleaseNotes Forward-port 0.2.8.11 notes (master) 2016-12-08 11:09:42 -05:00

README 

Tor protects your privacy on the internet by hiding the connection
between your Internet address and the services you use. We believe Tor
is reasonably secure, but please ensure you read the instructions and
configure it properly.

To build Tor from source:
        ./configure && make && make install

To build Tor from a just-cloned git repository:
        sh autogen.sh && ./configure && make && make install

Home page:
        https://www.torproject.org/

Download new versions:
        https://www.torproject.org/download/download.html

Documentation, including links to installation and setup instructions:
        https://www.torproject.org/docs/documentation.html

Making applications work with Tor:
        https://wiki.torproject.org/projects/tor/wiki/doc/TorifyHOWTO

Frequently Asked Questions:
        https://www.torproject.org/docs/faq.html


To get started working on Tor development:
        See the doc/HACKING directory.