> On 24 Sep 2019, at 03:27, Felix <zwie...@quantentunnel.de> wrote: > >> Am 2019-09-23 um 1:59 AM schrieb teor: >> >> We need some more information to diagnose the issue, and answer these >> questions: >> >> * Is this issue reproducible? > > In my Freebsd monoculture, yes. 20 guard relays shared the same history: > > Tor versions Tor 0.4.0.5, 0.4.1.2-alpha, 0.4.1.3-alpha, all on LibreSSL > 2.9.2. Running guard since >1 month before they all lost guard flags > between 2019-08-15 10pm and 2019-08-16 1am.
How do you know it's LibreSSL, and not simply restarting the relays? >> * Are all tor clients affected? > > They became middle relays so I expect no client will connect (besides > onion services?). But they were pushing a lot of data as middles. Here's what I meant: Are all Tor instances having trouble connecting to your relays, or just some of them? You've answered the question below. >> * If only some tor clients are affected, why are they affected? > > No idea, sorry. > >> * Are all bandwidth authorities affected, or just the ones running sbws? > > Short: Torflow is ok, sbws not That's not quite accurate. > Consensus for a relay with Libressl 292 > maatu. (!running, fast, !guard, bw ok) The authority on maatuska appears to be affected. > moria1 (running, fast, guard, bw ok) > farav. (running, fast, guard, bw ok) > longc. (running, !fast, !guard, no bw) > bastet (running, !fast, !guard, no bw) The bandwidth authority clients on longclaw and bastet are affected. > All relays w/o 292 received quickly running and fast from all bw auths, > later guard. Ok, so it does have something to do with LibreSSL. But we don't know why some other Tor instances are having trouble connecting: because it's not only sbws clients which are failing, it's authorities as well. >> * Are these issues actually instances of know sbws bugs? > > I don't think so. It doesn't seem so either. This seems like a LibreSSL / Tor bug, not an sbws bug. > For further testing I keep the relays like this: > > All the relays are on the same dedicated server > > now working ok: > 79D9E66BB2FDBF25E846B635D8248FE1194CFD26 Tor 0.4.1.6, OpenSSL 1.1.1d > ACBBB426CE1D0641A590BF1FC1CF05416FC0FF6F Tor 0.4.1.5, OpenSSL 1.0.2s > 9F5068310818ED7C70B0BC4087AB55CB12CB4377 Tor 0.4.1.6, LibreSSL 3.0.0 > 8FA37B93397015B2BC5A525C908485260BE9F422 Tor 0.4.1.5, OpenSSL 1.0.2t > > suffering: > ED7F2BE5D2AC7FCF821A909E2486FFFB95D65272 Tor 0.4.1.3-alpha, LibreSSL 2.9.2 > > > > I hope that helps. Please tell me how I can support. Maybe there is a bug in LibreSSL 2.9.2 ? Or a bug between that version and other SSL libraries? Can you reproduce this issue using Tor Browser connecting to your relays? If so, what do you see in your Tor logs? T _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays