Core Tor August 2016 report
anti-DoS work:
#8625 [1] Do not call networkstatus_reset_download_failures() hourly
This problem was actually reported 4 years ago. It was found while
searching about a bug reported in our consensus process.
We identified that once an hour, we call
router_reset_descriptor_download_failures, which calls
networkstatus_reset_download_failures().
Our download logic has a way to say "Try this once an hour": that's by
having a download schedule with a one-hour interval. What this does is make us
retry several times an hour, as if we had never failed before.
When early this year we worked on #4483, we made consensus downloads more
reliable by opening more connections. These extra connections made this issue
more important to fix so we decided to pick it up as well.
The work to fix it ended up being quite easy and what took longer was to
actually test the fix. But we managed to do it as well, more information about
the tests are on comments at the ticket for this issue.
#18640 [2] Use smarter algorithms to handle socket exhaustion
This work aims to protect against a possible attack that could use socket
exhaustion to create a DoS.
Sockets probably account for most of the descriptor use in a running Tor
process, but we should make the maximum socket count a little lower than the
maximum number of descriptors so they can't block us from opening files.
We created a basic plumbing to implement a MaxSockets config option and a
stub connection_handle_oos() function called in the appropriate places. We also
applied a simple sort heuristic to decide which connections are least harmful
to kill analogous to OOM handling.
Improved public identity keys for Tor relays:
We did a lot of work related to Proposal 220 [3] work, which is related to
migrating server identity keys to Ed25519.
* https://trac.torproject.org/projects/tor/ticket/13752
* https://trac.torproject.org/projects/tor/ticket/19155
* https://trac.torproject.org/projects/tor/ticket/19156
* https://trac.torproject.org/projects/tor/ticket/19157
* https://trac.torproject.org/projects/tor/ticket/19158
* https://trac.torproject.org/projects/tor/ticket/19160
Miscellaneous, related to improved public identity keys:
#15087 [4] Small patch to give consistent behavior to how our certificate
API checks expiration date.
[1] https://trac.torproject.org/projects/tor/ticket/8625
[2] https://trac.torproject.org/projects/tor/ticket/18640
[3]
https://github.com/torproject/torspec/blob/master/proposals/220-ecc-id-keys.txt
[ ] https://trac.torproject.org/projects/tor/ticket/15087
_______________________________________________
tor-reports mailing list
tor-reports@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-reports