[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r11429: Add code to warn about mauthorities on a consensus when they (in tor/trunk: . doc src/or)

Author: nickm
Date: 2007-09-11 16:17:25 -0400 (Tue, 11 Sep 2007)
New Revision: 11429

Modified:
   tor/trunk/
   tor/trunk/doc/TODO
   tor/trunk/src/or/dirvote.c
   tor/trunk/src/or/or.h
   tor/trunk/src/or/routerlist.c
Log:
 r15048@catbus:  nickm | 2007-09-11 14:20:39 -0400
 Add code to warn about mauthorities on a consensus when they are not what we expect to find.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r15048] on 8246c3cf-6607-4228-993b-4d95d33730f1

Modified: tor/trunk/doc/TODO
===================================================================
--- tor/trunk/doc/TODO	2007-09-11 20:17:24 UTC (rev 11428)
+++ tor/trunk/doc/TODO	2007-09-11 20:17:25 UTC (rev 11429)
@@ -64,8 +64,8 @@
           their keys are.
           - While we're at it, let v3 authorities have fqdns lines.
         - Fix all XXXX020s in vote code
-      - Validate information properly.
-        - Warn if we get a vote with different authorities than we know.
+      . Validate information properly.
+        o Warn if we get a vote with different authorities than we know.
         o Don't count votes with a different valid-after when generating
           the same consensus.
         - Dump certificates with the wrong time.  Or just warn?

Modified: tor/trunk/src/or/dirvote.c
===================================================================
--- tor/trunk/src/or/dirvote.c	2007-09-11 20:17:24 UTC (rev 11428)
+++ tor/trunk/src/or/dirvote.c	2007-09-11 20:17:25 UTC (rev 11429)
@@ -734,9 +734,11 @@
 
 /** Given a v3 networkstatus consensus in <b>consensus</b>, check every
  * as-yet-unchecked signature on <b>consensus.  Return 0 if there are enough
- * good signatures from recognized authorities on it, and -1 otherwise. */
+ * good signatures from recognized authorities on it, and -1 otherwise.
+ * DOCDOC warn. */
 int
-networkstatus_check_consensus_signature(networkstatus_vote_t *consensus)
+networkstatus_check_consensus_signature(networkstatus_vote_t *consensus,
+                                        int warn)
 {
   int n_good = 0;
   int n_missing_key = 0;
@@ -744,6 +746,10 @@
   int n_unknown = 0;
   int n_no_signature = 0;
   int n_required = get_n_authorities(V3_AUTHORITY)/2 + 1;
+  smartlist_t *need_certs_from = smartlist_create();
+  smartlist_t *unrecognized = smartlist_create();
+  smartlist_t *missing_authorities = smartlist_create();
+  int severity;
 
   tor_assert(! consensus->is_vote);
 
@@ -755,10 +761,15 @@
         authority_cert_get_by_digests(voter->identity_digest,
                                       voter->signing_key_digest);
       if (! cert) {
+        if (!trusteddirserver_get_by_v3_auth_digest(voter->identity_digest))
+          smartlist_add(unrecognized, voter);
+        else
+          smartlist_add(need_certs_from, voter);
         ++n_unknown;
         continue;
       }
       if (networkstatus_check_voter_signature(consensus, voter, cert) < 0) {
+        smartlist_add(need_certs_from, voter);
         ++n_missing_key;
         continue;
       }
@@ -771,11 +782,54 @@
       ++n_no_signature;
   });
 
-  log_notice(LD_DIR,
-             "%d unknown, %d missing key, %d good, %d bad, %d no signature, "
-             "%d required", n_unknown, n_missing_key, n_good, n_bad,
-             n_no_signature, n_required);
+  /* Now see whether we're missing any voters entirely. */
+  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
+                    trusted_dir_server_t *, ds,
+    {
+      if ((ds->type & V3_AUTHORITY) &&
+          !networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
+        smartlist_add(missing_authorities, ds);
+    });
 
+  if (warn > 1 || (warn && n_good < n_required))
+    severity = LOG_WARN;
+  else
+    severity = LOG_INFO;
+
+  if (warn >= 0) {
+    SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
+      {
+        log(severity, LD_DIR, "Consensus includes unrecognized authority '%s' "
+            "at %s:%d (contact %s; identity %s)",
+            voter->nickname, voter->address, (int)voter->dir_port,
+            voter->contact?voter->contact:"n/a",
+            hex_str(voter->identity_digest, DIGEST_LEN));
+      });
+    SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
+      {
+        log_info(LD_DIR, "Looks like we need to download a new certificate "
+                 "from authority '%s' at %s:%d (contact %s; identity %s)",
+                 voter->nickname, voter->address, (int)voter->dir_port,
+                 voter->contact?voter->contact:"n/a",
+                 hex_str(voter->identity_digest, DIGEST_LEN));
+      });
+    SMARTLIST_FOREACH(missing_authorities, trusted_dir_server_t *, ds,
+      {
+        log(severity, LD_DIR, "Consensus does not include configured "
+            "authority '%s' at %s:%d (identity %s)",
+            ds->nickname, ds->address, (int)ds->dir_port,
+            hex_str(ds->v3_identity_digest, DIGEST_LEN));
+      });
+    log(severity, LD_DIR,
+        "%d unknown, %d missing key, %d good, %d bad, %d no signature, "
+        "%d required", n_unknown, n_missing_key, n_good, n_bad,
+        n_no_signature, n_required);
+  }
+
+  smartlist_free(unrecognized);
+  smartlist_free(need_certs_from);
+  smartlist_free(missing_authorities);
+
   if (n_good >= n_required)
     return 0;
   else
@@ -1444,7 +1498,7 @@
     goto err;
   }
   /* 'Check' our own signature, to mark it valid. */
-  networkstatus_check_consensus_signature(consensus);
+  networkstatus_check_consensus_signature(consensus, -1);
 
   signatures = networkstatus_get_detached_signatures(consensus);
   if (!signatures) {
@@ -1622,7 +1676,7 @@
 {
   /* Can we actually publish it yet? */
   if (!pending_consensus ||
-      networkstatus_check_consensus_signature(pending_consensus)<0) {
+      networkstatus_check_consensus_signature(pending_consensus, 1)<0) {
     log_warn(LD_DIR, "Not enough info to publish pending consensus");
     return -1;
   }

Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h	2007-09-11 20:17:24 UTC (rev 11428)
+++ tor/trunk/src/or/or.h	2007-09-11 20:17:25 UTC (rev 11429)
@@ -2888,7 +2888,8 @@
 networkstatus_voter_info_t *networkstatus_get_voter_by_id(
                                        networkstatus_vote_t *vote,
                                        const char *identity);
-int networkstatus_check_consensus_signature(networkstatus_vote_t *consensus);
+int networkstatus_check_consensus_signature(networkstatus_vote_t *consensus,
+                                            int warn);
 int networkstatus_add_consensus_signatures(networkstatus_vote_t *target,
                                            networkstatus_vote_t *src,
                                            char **new_signatures_out,

Modified: tor/trunk/src/or/routerlist.c
===================================================================
--- tor/trunk/src/or/routerlist.c	2007-09-11 20:17:24 UTC (rev 11428)
+++ tor/trunk/src/or/routerlist.c	2007-09-11 20:17:25 UTC (rev 11429)
@@ -4038,7 +4038,7 @@
   }
 
   /* Make sure it's signed enough. */
-  if (networkstatus_check_consensus_signature(c)<0) {
+  if (networkstatus_check_consensus_signature(c, 1)<0) {
     log_warn(LD_DIR, "Not enough good signatures on networkstatus consensus");
     networkstatus_vote_free(c);
     return -1;