Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed
Opened by pastly@pastly

Stem, Tor LTS, broken exit policies, and maybe microdescriptor issues too

Here in sbws I'm wanting to see what exits in the Tor network allow exiting to an ip:port.

However, there seems to be an issue revolving around microdescriptors and the "exit policy summaries" contained in them. Perhaps related to #24110 (moved), I can't tell because I don't understand these details enough.

stem version: 1.6.0

Tor version: 0.2.9.14

torrc:

ORPort 3537
SocksPort 3538
ControlPort 3536
CookieAuthentication 1
DataDirectory /home/pastly/run/livenet1
PidFile /home/pastly/run/livenet1/tor.pid
Log notice file /home/pastly/run/livenet1/notice.log
ControlSocket /home/pastly/run/livenet1/control_socket
ContactInfo XXXXXXXXXXXX
RunAsDaemon 1
Nickname XXXXXXXXXXXXX
SafeLogging 0
DisableDebuggerAttachment 0
MaxAdvertisedBandwidth 8 Mbits
ExitRelay 1
ExitPolicyRejectPrivate 0
# The public IP address of this machine, and a port on it
ExitPolicy accept xx.xx.xx.xx:yyyy
ExitPolicy reject *:*

Traceback:

Mostly unhelpful, since it's mostly code in my "http" branch of sbws. But you can see the exception.

e is a RouterStatusEntryV3 for a relay with the Exit flag

Traceback (most recent call last):
  File "/home/pastly/src/simple-bw-scanner/sbws/core/scanner.py", line 247, in dispatch_worker_thread
    return measure_relay(*a, **kw)
  File "/home/pastly/src/simple-bw-scanner/sbws/core/scanner.py", line 193, in measure_relay
    exits = rl.exits_can_exit_to(dest.hostname, dest.port)
  File "/home/pastly/src/simple-bw-scanner/sbws/lib/relaylist.py", line 100, in exits_can_exit_to
    if e.exit_policy.can_exit_to(host, port):
KeyError: (<stem.exit_policy.MicroExitPolicy object at 0x7f9c8c5f5ac8>, '144.217.254.208', 80)

If I try only giving a port, same basic traceback (only last few lines included) ...

  File "/home/pastly/src/simple-bw-scanner/sbws/lib/relaylist.py", line 101, in exits_can_exit_to
    if e.exit_policy.can_exit_to(port=port):
KeyError: (<stem.exit_policy.MicroExitPolicy object at 0x7fb97545fd30>, <object object at 0x7fb992dba080>, ('port', 80))

Additional information:

  • If I use an 02914 client without setting UseMicrodescriptors 0, the exit_policy members are None. (hence some disconnect between line numbers in the tracebook in order to find and log Nones)

  • If I use an 02914 client with UseMicrodescriptors 0, I get the above tracebacks

  • If I use an 02914 relay as the client, I get the above traceback

  • This wasn't an issue when I was using an 03210 authority as the client

My theories:

  • In 02914, one must tell Tor to NOT use microdescs in order to get SOMETHING stored as a RouterStatusEntryV3's exit policy
  • Even when you get SOMETHING stored in a RouterStatusEntryV3's exit policy when using 02914, it is buggy/missing information/something bad.
  • Something changed between 02914 and 03210 regarding the way Tor tells its controllers about (micro)descriptors and the exit policies within. This is most likely a stem bug, possibly exacerbated by a Tor bug.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information