Delivery-Date: Sat, 12 Dec 2015 04:43:54 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id EB46A1E030E;
	Sat, 12 Dec 2015 04:43:52 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id D20633898E;
	Sat, 12 Dec 2015 09:43:46 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 5263C38988
 for <tor-talk@lists.torproject.org>; Sat, 12 Dec 2015 09:43:43 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id uWGspflDnwSp for <tor-talk@lists.torproject.org>;
 Sat, 12 Dec 2015 09:43:43 +0000 (UTC)
Received: from khazad-dum.seul.org (khazad-dum.csail.mit.edu [128.31.0.47])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "moria.seul.org", Issuer "moria.seul.org" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 358A33896A
 for <tor-talk@lists.torproject.org>; Sat, 12 Dec 2015 09:43:43 +0000 (UTC)
Received: by khazad-dum.seul.org (Postfix, from userid 501)
 id 89C551E030E; Sat, 12 Dec 2015 04:43:40 -0500 (EST)
Date: Sat, 12 Dec 2015 04:43:40 -0500
From: Roger Dingledine <arma@mit.edu>
To: tor-talk@lists.torproject.org
Message-ID: <20151212094340.GE41084@moria.seul.org>
References: <CAKDKvuyDQCWgg65hQHb23q8R546Rsr1FU5F-qQo=NHZZj1-2kg@mail.gmail.com>
 <n4emfg$et0$1@ger.gmane.org> <566B404E.6080004@openmailbox.org>
 <566BE6A8.8020600@openmailbox.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <566BE6A8.8020600@openmailbox.org>
User-Agent: Mutt/1.5.20 (2009-12-10)
Subject: Re: [tor-talk] Does #17772 affect entry or directory guard or both?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sat, Dec 12, 2015 at 09:19:36AM +0000, nusenu wrote:
> The changelog is not entirely clear to me, first it says "major bug in
> *entry* guard selection" later it says "Actually look at the Guard flag
> when selecting a new *directory* guard".

Both.

In the default configuration, your client makes sure that it has at
least 1 entry guard to use for making its normal circuits, and at least
3 entry guards to use for fetching directory info.

On first boot, when you have no guards yet, the first thing your Tor does
is try to fetch directory info. At that point it selects 3 entry guards,
and goes about bootstrapping. When it's time to make a normal circuit,
it checks to see that it has at least 1 entry guard, and it does (it
has 3), so it is happy and continues.

The process of picking an entry guard to use as a directory guard (aka
"picking a directory guard") is a bit different than the process of
picking an entry guard to use for normal circuits, since you want to
make sure it has an open DirPort, it's a new enough version that it will
have answers to the directory questions you want to ask, etc. And the
bug was in the "picking a directory guard" piece.

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

