[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #20511 [Core Tor/Tor]: add a failsafe where if you're about to serve a consensus that you know is obsolete, don't do it



#20511: add a failsafe where if you're about to serve a consensus that you know is
obsolete, don't do it
--------------------------+------------------------------------
 Reporter:  arma          |          Owner:
     Type:  enhancement   |         Status:  needs_revision
 Priority:  Medium        |      Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------
Changes (by teor):

 * status:  needs_review => needs_revision


Comment:

 This patch looks good.
 Since networkstatus_consensus_reasonably_live depends on consensus being
 non-NULL, I suggest you do something like:
 {{{
 if (BUG(!consensus)) {
   return 0;
 }
 }}}
 A nitpick, I would make the 60*60 log severity time in a #define.

 Another (separate) issue is whether clients should reject consensuses that
 are obviously too old. This was fixed in #20533: clients that receive a
 consensus after its valid_until time (or that try to download certificates
 for an expired consensus) will stop downloading certificates and consider
 the consensus a failure. I think we also reject old consensuses as soon as
 we parse them, but we should check this. See

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20511#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs