- Stop being so aggressive about fetching v2 dir info if your
DirPort is on but your ORPort is off.
+ o Major features:
+ - Bridges now behave like clients with respect to time intervals for
+ downloading new consensus documents. Bridge users now wait until
+ the end of the interval, so their bridge will be sure to have a
+ new consensus document.
+
o Minor bugfixes:
- The fix in 0.2.0.12-alpha cleared the "hsdir" flag in v3 network
consensus documents when there are too many relays at a single
1.1. PublishServerDescriptor
To configure your relay to be a bridge relay, just add
+ BridgeRelay 1
PublishServerDescriptor bridge
to your torrc. This will cause your relay to publish its descriptor
to the bridge authorities rather than to the default authorities.
Alternatively, you can say
+ BridgeRelay 1
PublishServerDescriptor 0
which will cause your relay to not publish anywhere. This could be
useful for private bridges.
can supply their bridge users with cached copies of all the various
Tor network information.
- Right now (0.2.0.11-alpha) we require that bridges turn their DirPort on
- -- which means both that we answer BEGIN_DIR requests and that we fetch
- and cache directory information in an aggressive way like other servers.
-
- But:
- a) we don't enforce that DirPort is on, since it's not clear how to
- detect if the user meant to be a bridge. So it's easy to set up a bridge
- relay that silently refuses BEGIN_DIR requests and is thus useless.
- b) We don't actually care if they have an open or reachable DirPort. So
- at some point we should separate having an open DirPort from answering
- directory questions. Which leads to:
- c) We need to investigate if there are any anonymity worries with
- answering BEGIN_DIR requests when our DirPort is off. If there aren't,
- we should drop the DirPort requirement.
-
- I claim that we don't open any new attacks by answering BEGIN_DIR
- questions when DirPort is off: it's still a fine question to ask what
- partitioning attacks there are when you can query a Tor client about
- its current directory opinions, but these attacks already exist when
- DirPort is on.
-
- We need to answer this issue in 0.2.0.x.
+ As for Tor 0.2.0.13-alpha, bridges will answer begin_dir questions
+ (and cache dir info they see so the answers will be more useful)
+ whether their DirPort is enabled or not. (After all, we don't care if
+ they have an open or reachable DirPort to answer begin_dir questions.)
+
+ We need to investigate if there are any anonymity worries with answering
+ BEGIN_DIR requests when our DirPort is off. I claim that we don't open
+ any new attacks: it's still a fine question to ask what partitioning
+ attacks there are when you can query a Tor client about its current
+ directory opinions, but these attacks already exist when DirPort is on.
+ We should investigate this in 0.2.1.x.
1.3. Exit policy
/* But only in the first half-interval after that. */
dl_interval = interval/2;
} else {
- /* Give all the caches enough time to download the consensus.*/
+ /* We're an ordinary client or a bridge. Give all the caches enough
+ * time to download the consensus. */
start = c->fresh_until + (interval*3)/4;
- /* But download the next one before this one is expired. */
+ /* But download the next one well before this one is expired. */
dl_interval = ((c->valid_until - start) * 7 )/ 8;
- /* XXX020 do something different if
- * directory_fetches_dir_info_like_bridge_user() */
+
+ /* If we're a bridge user, make use of the numbers we just computed
+ * to choose the rest of the interval *after* them. */
+ if (directory_fetches_dir_info_like_bridge_user(options)) {
+ /* Give all the *clients* enough time to download the consensus. */
+ start = start + dl_interval + CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
+ /* But try to get it before ours actually expires. */
+ dl_interval = (c->valid_until - start) -
+ CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
+ }
}
if (dl_interval < 1)
dl_interval = 1;
projects / thirdparty / tor.git / commitdiff
