r17503@catbus: nickm | 2008-01-07 14:15:30 -0500

Change set_current_consensus interface to take a flags variable.  Do not try to fetch certificates until after we have tried loading the fallback consensus.  Should fix bug 583.


svn:r13058
This commit is contained in:
Nick Mathewson 2008-01-07 19:15:34 +00:00
parent a62ab48d30
commit 177d5102d5
5 changed files with 26 additions and 12 deletions

View File

@ -33,6 +33,8 @@ Changes in version 0.2.0.16-alpha - 2008-01-??
anymore, and we try to upload a hidden service descriptor. anymore, and we try to upload a hidden service descriptor.
- Stop leaking one cert per TLS context. Fixes bug 582. Bugfix - Stop leaking one cert per TLS context. Fixes bug 582. Bugfix
on 0.2.0.15-alpha. on 0.2.0.15-alpha.
- Do not try to download missing certificates until we have tried
to check our fallback consensus. Fixes bug 583.
o Minor features (controller): o Minor features (controller):
- Get NS events working again. (Patch from tup) - Get NS events working again. (Patch from tup)

View File

@ -1483,7 +1483,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
} }
log_info(LD_DIR,"Received consensus directory (size %d) from server " log_info(LD_DIR,"Received consensus directory (size %d) from server "
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port); "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
if ((r=networkstatus_set_current_consensus(body, 0, 0))<0) { if ((r=networkstatus_set_current_consensus(body, 0))<0) {
log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR, log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
"Unable to load consensus directory downloaded from " "Unable to load consensus directory downloaded from "
"server '%s:%d'", conn->_base.address, conn->_base.port); "server '%s:%d'", conn->_base.address, conn->_base.port);

View File

@ -1850,7 +1850,7 @@ dirvote_publish_consensus(void)
return -1; return -1;
} }
if (networkstatus_set_current_consensus(pending_consensus_body, 0, 0)) if (networkstatus_set_current_consensus(pending_consensus_body, 0))
log_warn(LD_DIR, "Error publishing consensus"); log_warn(LD_DIR, "Error publishing consensus");
else else
log_notice(LD_DIR, "Consensus published."); log_notice(LD_DIR, "Consensus published.");

View File

@ -163,13 +163,14 @@ router_reload_consensus_networkstatus(void)
char *s; char *s;
struct stat st; struct stat st;
or_options_t *options = get_options(); or_options_t *options = get_options();
const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
/* XXXX020 Suppress warnings if cached consensus is bad. */ /* XXXX020 Suppress warnings if cached consensus is bad. */
filename = get_datadir_fname("cached-consensus"); filename = get_datadir_fname("cached-consensus");
s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL); s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
if (s) { if (s) {
if (networkstatus_set_current_consensus(s, 1, 0)) { if (networkstatus_set_current_consensus(s, flags)) {
log_warn(LD_FS, "Couldn't load consensus networkstatus from \"%s\"", log_warn(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
filename); filename);
} }
@ -180,7 +181,8 @@ router_reload_consensus_networkstatus(void)
filename = get_datadir_fname("unverified-consensus"); filename = get_datadir_fname("unverified-consensus");
s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL); s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
if (s) { if (s) {
if (networkstatus_set_current_consensus(s, 1, 1)) { if (networkstatus_set_current_consensus(s,
flags|NSSET_WAS_WAITING_FOR_CERTS)) {
log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"", log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
filename); filename);
} }
@ -194,7 +196,7 @@ router_reload_consensus_networkstatus(void)
s = read_file_to_str(options->FallbackNetworkstatusFile, s = read_file_to_str(options->FallbackNetworkstatusFile,
RFTS_IGNORE_MISSING, NULL); RFTS_IGNORE_MISSING, NULL);
if (s) { if (s) {
if (networkstatus_set_current_consensus(s, 1, 1)) { if (networkstatus_set_current_consensus(s, flags)) {
log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"", log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
options->FallbackNetworkstatusFile); options->FallbackNetworkstatusFile);
} else { } else {
@ -212,6 +214,8 @@ router_reload_consensus_networkstatus(void)
unnamed_server_map = strmap_new(); unnamed_server_map = strmap_new();
} }
update_certificate_downloads(time(NULL));
routers_update_all_from_networkstatus(time(NULL), 3); routers_update_all_from_networkstatus(time(NULL), 3);
return 0; return 0;
@ -1323,13 +1327,17 @@ networkstatus_copy_old_consensus_info(networkstatus_vote_t *new_c,
* user, and -2 for more serious problems. * user, and -2 for more serious problems.
*/ */
int int
networkstatus_set_current_consensus(const char *consensus, int from_cache, networkstatus_set_current_consensus(const char *consensus, unsigned flags)
int was_waiting_for_certs)
{ {
networkstatus_vote_t *c; networkstatus_vote_t *c;
int r, result = -1; int r, result = -1;
time_t now = time(NULL); time_t now = time(NULL);
char *unverified_fname = NULL, *consensus_fname = NULL; char *unverified_fname = NULL, *consensus_fname = NULL;
const unsigned from_cache = flags & NSSET_FROM_CACHE;
const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
/* Make sure it's parseable. */ /* Make sure it's parseable. */
c = networkstatus_parse_vote_from_string(consensus, NULL, 0); c = networkstatus_parse_vote_from_string(consensus, NULL, 0);
@ -1380,6 +1388,7 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
if (!from_cache) { if (!from_cache) {
write_str_to_file(unverified_fname, consensus, 0); write_str_to_file(unverified_fname, consensus, 0);
} }
if (dl_certs)
authority_certs_fetch_missing(c, now); authority_certs_fetch_missing(c, now);
/* This case is not a success or a failure until we get the certs /* This case is not a success or a failure until we get the certs
* or fail to get the certs. */ * or fail to get the certs. */
@ -1405,7 +1414,7 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
} }
/* Are we missing any certificates at all? */ /* Are we missing any certificates at all? */
if (r != 1) if (r != 1 && dl_certs)
authority_certs_fetch_missing(c, now); authority_certs_fetch_missing(c, now);
if (control_event_is_interesting(EVENT_NS)) if (control_event_is_interesting(EVENT_NS))
@ -1486,7 +1495,8 @@ networkstatus_note_certs_arrived(void)
if (networkstatus_check_consensus_signature( if (networkstatus_check_consensus_signature(
consensus_waiting_for_certs, 0)>=0) { consensus_waiting_for_certs, 0)>=0) {
if (!networkstatus_set_current_consensus( if (!networkstatus_set_current_consensus(
consensus_waiting_for_certs_body, 0, 1)) { consensus_waiting_for_certs_body,
NSSET_WAS_WAITING_FOR_CERTS)) {
tor_free(consensus_waiting_for_certs_body); tor_free(consensus_waiting_for_certs_body);
} }
} }

View File

@ -3366,8 +3366,10 @@ networkstatus_v2_t *networkstatus_v2_get_by_digest(const char *digest);
networkstatus_vote_t *networkstatus_get_latest_consensus(void); networkstatus_vote_t *networkstatus_get_latest_consensus(void);
networkstatus_vote_t *networkstatus_get_live_consensus(time_t now); networkstatus_vote_t *networkstatus_get_live_consensus(time_t now);
networkstatus_vote_t *networkstatus_get_reasonably_live_consensus(time_t now); networkstatus_vote_t *networkstatus_get_reasonably_live_consensus(time_t now);
int networkstatus_set_current_consensus(const char *consensus, int from_cache, #define NSSET_FROM_CACHE 1
int was_waiting_for_certs); #define NSSET_WAS_WAITING_FOR_CERTS 2
#define NSSET_DONT_DOWNLOAD_CERTS 4
int networkstatus_set_current_consensus(const char *consensus, unsigned flags);
void networkstatus_note_certs_arrived(void); void networkstatus_note_certs_arrived(void);
void routers_update_all_from_networkstatus(time_t now, int dir_version); void routers_update_all_from_networkstatus(time_t now, int dir_version);
void routerstatus_list_update_from_consensus_networkstatus(time_t now); void routerstatus_list_update_from_consensus_networkstatus(time_t now);