[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r18187: {tor} backport r17917, r17993: tors that haven't run lately take 1 (in tor/branches/tor-0_2_0-patches: . doc src/or)



Author: arma
Date: 2009-01-20 03:10:48 -0500 (Tue, 20 Jan 2009)
New Revision: 18187

Modified:
   tor/branches/tor-0_2_0-patches/ChangeLog
   tor/branches/tor-0_2_0-patches/doc/TODO.020
   tor/branches/tor-0_2_0-patches/src/or/networkstatus.c
   tor/branches/tor-0_2_0-patches/src/or/or.h
   tor/branches/tor-0_2_0-patches/src/or/routerlist.c
Log:
backport r17917, r17993: tors that haven't run lately take 10+ minutes
to start, and when they do they still use incredibly obsolete descriptors.


Modified: tor/branches/tor-0_2_0-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_2_0-patches/ChangeLog	2009-01-20 00:42:14 UTC (rev 18186)
+++ tor/branches/tor-0_2_0-patches/ChangeLog	2009-01-20 08:10:48 UTC (rev 18187)
@@ -22,6 +22,13 @@
       to anybody who asks, now that extrainfo docs include potentially
       sensitive aggregated client geoip summaries. Bugfix on
       0.2.0.13-alpha.
+    - If the cached networkstatus consensus is more than five days old,
+      discard it rather than trying to use it. In theory it could be
+      useful because it lists alternate directory mirrors, but in practice
+      it just means we spend many minutes trying directory mirrors that
+      are long gone from the network. Also discard router descriptors as
+      we load them if they are more than five days old, since the onion
+      key is probably wrong by now. Bugfix on 0.2.0.x. Fixes bug 887.
 
   o Minor bugfixes:
     - Do not mark smartlist_bsearch_idx() function as ATTR_PURE. This bug

Modified: tor/branches/tor-0_2_0-patches/doc/TODO.020
===================================================================
--- tor/branches/tor-0_2_0-patches/doc/TODO.020	2009-01-20 00:42:14 UTC (rev 18186)
+++ tor/branches/tor-0_2_0-patches/doc/TODO.020	2009-01-20 08:10:48 UTC (rev 18187)
@@ -17,7 +17,7 @@
   - r17886: Don't remove routerinfos as unlisted unless we have a
     consensus.
   - r17887: Don't accept 1.2.3 as a valid IP address.
-  - r17917, r17993: tors that haven't run lately take 10+ minutes to start
+  o r17917, r17993: tors that haven't run lately take 10+ minutes to start
   - r17924: Close streams when an exit hands us a local IP.
 
 Backport for 0.2.0, maybe:

Modified: tor/branches/tor-0_2_0-patches/src/or/networkstatus.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/networkstatus.c	2009-01-20 00:42:14 UTC (rev 18186)
+++ tor/branches/tor-0_2_0-patches/src/or/networkstatus.c	2009-01-20 08:10:48 UTC (rev 18187)
@@ -211,7 +211,8 @@
     s = read_file_to_str(options->FallbackNetworkstatusFile,
                          RFTS_IGNORE_MISSING, NULL);
     if (s) {
-      if (networkstatus_set_current_consensus(s, flags)) {
+      if (networkstatus_set_current_consensus(s,
+                                              flags|NSSET_ACCEPT_OBSOLETE)) {
         log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
                  options->FallbackNetworkstatusFile);
       } else {
@@ -1372,6 +1373,7 @@
   const unsigned from_cache = flags & NSSET_FROM_CACHE;
   const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
   const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
+  const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
 
   /* Make sure it's parseable. */
   c = networkstatus_parse_vote_from_string(consensus, NULL, 0);
@@ -1381,6 +1383,15 @@
     goto done;
   }
 
+  if (from_cache && !accept_obsolete &&
+      c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) {
+    /* XXX022 when we try to make fallbackconsensus work again, we should
+     * consider taking this out. Until then, believing obsolete consensuses
+     * is causing more harm than good. See also bug 887. */
+    log_info(LD_DIR, "Loaded an obsolete consensus. Discarding.");
+    goto done;
+  }
+
   if (current_consensus &&
       !memcmp(c->networkstatus_digest, current_consensus->networkstatus_digest,
               DIGEST_LEN)) {

Modified: tor/branches/tor-0_2_0-patches/src/or/or.h
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/or.h	2009-01-20 00:42:14 UTC (rev 18186)
+++ tor/branches/tor-0_2_0-patches/src/or/or.h	2009-01-20 08:10:48 UTC (rev 18187)
@@ -3415,6 +3415,7 @@
 #define NSSET_FROM_CACHE 1
 #define NSSET_WAS_WAITING_FOR_CERTS 2
 #define NSSET_DONT_DOWNLOAD_CERTS 4
+#define NSSET_ACCEPT_OBSOLETE 8
 int networkstatus_set_current_consensus(const char *consensus, unsigned flags);
 void networkstatus_note_certs_arrived(void);
 void routers_update_all_from_networkstatus(time_t now, int dir_version);

Modified: tor/branches/tor-0_2_0-patches/src/or/routerlist.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/routerlist.c	2009-01-20 00:42:14 UTC (rev 18186)
+++ tor/branches/tor-0_2_0-patches/src/or/routerlist.c	2009-01-20 08:10:48 UTC (rev 18187)
@@ -2864,6 +2864,12 @@
     }
   }
 
+  if (!in_consensus && from_cache &&
+      router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
+    *msg = "Router descriptor was really old.";
+    return -1;
+  }
+
   /* We haven't seen a router with this identity before. Add it to the end of
    * the list. */
   routerlist_insert(routerlist, router);