#23588: Write fascist_firewall_choose_address_ls() and use it in hs_get_extend_info_from_lspecs() -------------------------------------------------+------------------------- Reporter: teor | Owner: neel Type: defect | Status: | needs_revision Priority: Medium | Milestone: Tor: | 0.3.5.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: prop224, tor-hs, single-onion, | Actual Points: ipv6, 034-triage-20180328, | 034-removed-20180328 | Parent ID: #23493 | Points: 1 Reviewer: teor | Sponsor: -------------------------------------------------+-------------------------
Comment (by neel): I think I know what the bug for `hs-v23-ipv6-md` is: some addresses are being marked as they don't make it through `fascist_firewall_allows_address_ap()` (I believe the main Tor codebase does not make addresses go though this now, nor does my old "simplified" address choosing code that got abandoned). A solution can be to add a flag like `verify_addr` to `fascist_firewall_choose_address_impl()`, `fascist_firewall_choose_address()`, and `fascist_firewall_choose_address_base()` that determines whether we should verify the addresses or not, and set this flag to `0` in `fascist_firewall_choose_address_ls()`'s call to `fascist_firewall_choose_address_base()` and `1` in other calls. In my solution, we end up choosing addresses by replacing code in `fascist_firewall_choose_address_impl()` from something like this: {{{ if (fascist_firewall_allows_address_ap(a, fw_connection, pref_only, pref_ipv6)) { }}} to this: {{{ if (fascist_firewall_allows_address_ap(a, fw_connection, pref_only, pref_ipv6) || !verify_addr) { }}} Would this be okay? I know this may not be a good solution, but it may help fix this bug we are talking about (and is similar to my previous address choosing code which worked, but with the `fascist_firewall_allows_address_*` family of functions). I also attempted to do a three-hop fallback, and merged it with this codebase (not committed at all), but it still crashed with the same error described. It is possible that my three-hop fallback is broken. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23588#comment:36> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs