[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: purging old router information, revocation



On Sat, Feb 24, 2007 at 12:49:32AM -0500, James Muir wrote:
> One thing that I couldn't find any reference to in the comments in the 
> source code is how long directory authorities will keep trying to 
> connect to an onion router that is not responding.  Is this also 20 
> hours?  There is a discussion about what Tor clients do when one of 
> their entry guards stops responding but I would guess that directory 
> authorities probably behave differently.

It looks like authorities do reachability testing on anything that's
in rl->routers: see dirserv_test_reachability().

It looks like elements are only removed from that list in
routerlist_remove_old_routers(), and it removes them if they're more
than 48 hours old *and* they're not recommended by networkstatuses.

This is probably a bug: we don't mention them in the directories if
they're older than 20 hours, yet we keep testing them for at least 48
hours. Here's a fix for that:

--- dirserv.c   (revision 9664)
+++ dirserv.c   (working copy)
@@ -1968,6 +1968,7 @@
 dirserv_test_reachability(int try_all)
 {
   time_t now = time(NULL);
+  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
   routerlist_t *rl = router_get_routerlist();
   static char ctr = 0;
 
@@ -1975,6 +1976,8 @@
     const char *id_digest = router->cache_info.identity_digest;
     if (router_is_me(router))
       continue;
+    if (router->cache_info.published_on > cutoff)
+      continue;
     if (try_all || (((uint8_t)id_digest[0]) % 128) == ctr) {
       log_debug(LD_OR,"Testing reachability of %s at %s:%u.",
                 router->nickname, router->address, router->or_port);

But it's not that clearcut, since 'getinfo network-status' via the
controller lists all routerinfos in rl->routers, regardless of age,
in list_server_status(). Perhaps *that* is a bug too, since you'll be
getting different output from the controller than you would from the
directory port? :)

Needs a bit more thinking. Does anybody here use getinfo network-status,
and if so, what behavior do you expect?
--Roger