GitLab

Today we got someone coming in the v3 testing hub IRC channel that couldn't use v3 onion at all.

Turns out that this log kept happening for any v3 address:

[info] hs_client_refetch_hsdesc(): Can't fetch descriptor for service [scrubbed] because we are missing a live consensus. Stalling connection.

But its tor never got a live consensus. We could see it was trying to get it from its bridge:

[info] Received http status code 304 ("Not modified") from server 'BRIDGE_IP' while fetching consensus directory.

Sooooo, somehow the bridge has a consensus that thinks is live enough to use but when the client gets it, it doesn't think it is live. I can imagine clock skew between the client and bridge could be causing this?

Thus, this makes me question the use of "live consensus" in the HS v3 subsystem. v2 doesn't look for that at all, it only cares if tor has completed a circuit then it uses the consensus even if not live.

Maybe client side could only use the consensus tor thinks it can use and we hope that it is enough to reach the service?