The automated test suite doesn't fetch Tor relays from unverified-microdesc-consensus.bak
When checking whether we only contacted the Tor network, we fetch the
list of Tor relays known by the test VM via get_all_tor_nodes()
. It
only look at what’s in /var/lib/tor/cached-microdesc-consensus
, but
sometimes there may be additional nodes in
unverified-microdesc-consensus.bak
.
Today I’ve for the first time seen a firewall leak where Tor connected
to a node that’s in unverified-microdesc-consensus.bak
but not in
cached-microdesc-consensus
. It seems that the relay was down (all TCP
packets were dropped, at least).
Should we also accept connections to nodes only in
unverified-microdesc-consensus.bak
? I.e.
--- a/features/support/helpers/misc_helpers.rb
+++ b/features/support/helpers/misc_helpers.rb
@@ -93,7 +93,7 @@ end
# This command will grab all router IP addresses from the Tor
# consensus in the VM + the hardcoded TOR_AUTHORITIES.
def get_all_tor_nodes
- cmd = 'awk "/^r/ { print \$6 }" /var/lib/tor/cached-microdesc-consensus'
+ cmd = 'awk "/^r/ { print \$6 }" /var/lib/tor/*-microdesc-consensus* | sort -u'
@vm.execute(cmd).stdout.chomp.split("\n") + TOR_AUTHORITIES
end
After all, that’s what our Tor may do, which may be a bug, possibly due
to all the tordate
madness we do.
Feature Branch: test/9521-chutney
Parent Task: #10288
Related issues
- Related to #9654 (closed)
Original created by @anonym on 8961 (Redmine)