[Bug]Check server timeout /Exit node timeout leading to false negative about exitmap HOT 7 CLOSED

Yet another hit!
2016-01-09 15:37:44,711 [ERROR]: Found false negative for https://atlas.torproject.org/#details/06D7B21EE71E3903BCF344A8E2E331C7F534164C. Desc addr is 36.55.228.145 and check addr is 36.55.228.145.

from exitmap.

Seems to come from the list of relays:

The check for exitmap works correctly
The issue comes from Atlas, marking an IP as being invalid [false] when in fact it is valid and should return [true]

2016-01-09 18:33:06,686 [ERROR]: Found false negative for https://atlas.torproject.org/#details/3DFD5C51D75D753C94E7CE7AFAE4D157B6000782. Desc addr is 178.65.169.217 and check addr is 178.65.169.217.

from exitmap.

Hello Nullhypothesis,

Checked the IsTor response.
IsTor has 3 responses:
Is a tor exit
Is not a tor Exit
And a timeout

Found the documentation on tor exits:
https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList

$istor = torel_check($ip, $myport, $myip);

// use $istor as needed for altering page behavior:
if ($istor < 0) {
// DNS query failed to get an answer
}
elseif ($istor) {
// Endpoint is a known Tor exit
}
else {
// Endpoint does not appear to be a Tor exit
}

Can we insert a check for the case where both ips match but the node is returning false, then it would make the requests a few more times to eliminate the possibility of erronous false negatives.

Because it seems a timeout is returning false when in fact the node is valid...
when i would launch checktest again, it detects the previously erronous node as valid again

from exitmap.

Ran a checktest and got a hit but the des addr and check addr were the same.

Note that this doesn't really matter. The purpose of the module is to find exit relays that check.torproject.org doesn't recognise as relays. If they happen to have the same descriptor and check address, so be it. As a result, I think this is actually a bug in the check service and not in this module, right?

Also, I think you are referencing the wrong source code repository. For the JSON structure of the check API, have a look at:
https://gitweb.torproject.org/check.git/tree/handlers.go#n103
The IsTor variable is boolean.

from exitmap.

Nullhypothesis,

Thanks so much for the correct repository! I agree with what you said.
I do appologize for being unclear at best with my previous response. (very sleepy yesterday)

The way I see it is that there are 3 cases:

1. Same Desc + Different address = False Negative ==>Correct
2. Same Desc + Same Address = Valid node (check server returning true) ==>Correct
3. Same Desc + Same Address = Valid node (check server returning false - due to timeout or whatever server failure) ==> Incorrect

The 3rd case is the one of interest to us.
So in the case of same descriptor and same address yielding a false response

My proposed solutions:

1. Output a more descriptive response : (Node is a false positive or possible server/Exit node timeout)
   OR
2. Perform a double check on the node.
   If we get a false answer again -->Its a confirmed False Negative.
   If we get a true answer this time --> Its a valid node.

BRegards,
Codarren

from exitmap.

Upon close reading of the code, I believe the issue is somewhere else.
Therefore, I am closing this ticket

from exitmap.

Yes, I think so too. Thanks, and let me know once you figured it out.

from exitmap.