[Tor-BSD] OpenBSD testers needed Fw: fix security issue in -stable for net/tor

George Rosamond george at ceetonetechnology.com
Wed Dec 13 20:22:00 EST 2017


teor:
> 
>> On 14 Dec 2017, at 10:39, George Rosamond <george at ceetonetechnology.com> wrote:
>>
>> teor:
>>>
>>> On 14 Dec 2017, at 08:22, Daniel Jakots <vigdis+tor at chown.me> wrote:
>>>
>>>>> We usually don't remove relays from the network unless they are
>>>>> actively causing severe issues for clients. The last time we did this
>>>>> for a particular tor version was back in 0.2.9 due to a bad directory
>>>>> cache bug.
>>>>>
>>>>> As far as I know, there are no plans to remove older relays from the
>>>>> network.
>>>>>
>>>>> Instead, we will mark them as "not recommended" in Relay Search,
>>>>> and the relays themselves will warn about their old version in their
>>>>> logs.
>>>>
>>>> So what does the "not recommended" mark? Just a hint that you should
>>>> update?
>>>
>>> Yes, just a hint to update.
>>>
>>> We also declare major version series unsupported.
>>> (Like 0.2.7 earlier this year, or 0.2.8 and 0.3.0 in January.)
>>> Then they stop receiving security patches.
>>
>> AFAIK, it was just a "Tor out of date" type message out of syslog.
>>
>> I manually updated the port to 0.3.1.9 for two nodes on OpenBSD -stable,
>> and was going to do a diff.
>>
>> But as these are both small embedded boxes and I have dedicated
>> ${TORDATADIR} partitions on each, Tor jumped in disk usage and bombed
>> out both bridges.
> 
> This is the consensus diffs feature: it stores diffs on disk to reduce
> client bandwidth requirements. We didn't communicate this as well as we
> could have.

Right.  I know this has happened before.  I don't know how the Linux
packages work, but an after-install type message as part of the source
might be worth considering.  Particularly with any significant changes
like size requirements, or even listing new torrc knobs. Just listing
the entire list of bug fixes isn't necessary, just the changes relevant
to running boxes.  I realize it's a bit more labor for the builds, but
at least it's centralized upstream from the porters. Just a thought.

> 
>> On that note, what is the maximum Tor data dir everyone is seeing,
>> regardless of OS?  I have up to 222M on one relay that's on 0.3.1.9.
> 
> We're working on a CacheDir option which will be useful here, because it
> splits cache files and key/state files.
> 
> The cache files can be a few hundred megabytes, and can safely be
> deleted. (You should probably do this when Tor isn't running.)
> 
> The key/state files should be only a few megabytes.

Right.

> 
>> Thanks for jumping on it DJ.  Backporting *really* matters for the Tor
>> stuff.
> 
> +1

Yeah, that was a pretty boringly obvious statement.

g
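As an added illustration of the cache-versus-key/state split discussed in this thread (this is example code, not from the list or the Tor project): a small POSIX sh script that reports how much of a Tor DataDirectory is taken by the consensus and descriptor caches, which teor says can be deleted while tor is stopped, versus everything else. The cache file names are the ones Tor is known to write into DataDirectory (an assumption on my part, not listed on the page), and the default path /var/tor is an assumption too.

```shell
#!/bin/sh
# Added example: size up a Tor DataDirectory by "cache" vs "keys/state".
# Report only; it deletes nothing. Assumptions: the cache file names below
# (taken from Tor's usual DataDirectory layout) and the default path /var/tor.

# Files Tor regenerates from the network; diff-cache/ holds consensus diffs.
TOR_CACHE_NAMES="cached-certs cached-consensus cached-microdesc-consensus \
cached-microdescs cached-microdescs.new cached-descriptors \
cached-descriptors.new cached-extrainfo diff-cache"

# Print the cache entries that actually exist under $1, one per line.
tor_cache_entries() {
  dir=$1
  for name in $TOR_CACHE_NAMES; do
    [ -e "$dir/$name" ] && printf '%s\n' "$dir/$name"
  done
  return 0
}

# Total size in KiB of the cache entries under $1 (paths without spaces).
tor_cache_kib() {
  total=0
  for entry in $(tor_cache_entries "$1"); do
    kib=$(du -sk "$entry" | cut -f1)
    total=$((total + kib))
  done
  echo "$total"
}

# Size in KiB of the whole directory $1.
tor_total_kib() {
  du -sk "$1" | cut -f1
}

# Human-readable summary; the remainder is keys, state and anything else
# that must be kept.
tor_cache_report() {
  dir=${1:-/var/tor}
  total=$(tor_total_kib "$dir")
  cache=$(tor_cache_kib "$dir")
  printf 'DataDirectory: %s\n' "$dir"
  printf '  total:                         %d KiB\n' "$total"
  printf '  cache (deletable, tor stopped): %d KiB\n' "$cache"
  printf '  keys/state/other:               %d KiB\n' $((total - cache))
}
```

Run it as `tor_cache_report /var/tor` (or the ${TORDATADIR} partition mentioned above); the numbers tell you whether a cache purge would bring the partition back under its limit before you touch anything.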
