From 1ce3713889201af031155cb815cc373569624985 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 8 Mar 2006 06:29:52 +0000 Subject: [PATCH] Possible bug 265 fix: authorities must be more strict than clients about age of acceptable routers; make routers publish every 12 hours; client ROUTER_MAX_AGE must be greater than NETWORKSTATUS_MAX_AGE+authoirty ROUTER_MAX_AGE. svn:r6095 --- src/or/dirserv.c | 10 +++++----- src/or/or.h | 9 +++++++-- src/or/routerlist.c | 9 +++------ 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 379cc85c7e..e197477231 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -457,7 +457,7 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg, "timezone is not correct."; return -1; } - if (ri->cache_info.published_on < now-ROUTER_MAX_AGE) { + if (ri->cache_info.published_on < now-ROUTER_MAX_AGE_TO_PUBLISH) { log_fn(severity, LD_DIRSERV, "Publication time for router with nickname '%s' is too far " "(%d minutes) in the past. Not adding (ContactInfo '%s', " @@ -742,7 +742,7 @@ list_server_status(smartlist_t *routers, char **router_status_out) * equals-suffixed nickname, then a dollar-prefixed hexdigest. */ smartlist_t *rs_entries; time_t now = time(NULL); - time_t cutoff = now - ROUTER_MAX_AGE; + time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH; int authdir_mode = get_options()->AuthoritativeDir; tor_assert(router_status_out); @@ -917,7 +917,7 @@ set_cached_dir(cached_dir_t *d, char *directory, time_t when) if (when<=d->published) { log_info(LD_DIRSERV, "Ignoring old directory; not caching."); tor_free(directory); - } else if (when>=now+ROUTER_MAX_AGE) { + } else if (when>=now+ROUTER_MAX_AGE_TO_PUBLISH) { log_info(LD_DIRSERV, "Ignoring future directory; not caching."); tor_free(directory); } else { @@ -1327,7 +1327,7 @@ generate_v2_networkstatus(void) crypto_pk_env_t *private_key = get_identity_key(); routerlist_t *rl = router_get_routerlist(); time_t now = time(NULL); - time_t cutoff = now - ROUTER_MAX_AGE; + time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH; int naming = options->NamingAuthoritativeDir; int versioning = options->VersioningAuthoritativeDir; const char *contact; @@ -1593,7 +1593,7 @@ dirserv_get_routerdescs(smartlist_t *descs_out, const char *key, smartlist_free(digests); } else if (!strcmpstart(key, "/tor/server/fp/")) { smartlist_t *digests = smartlist_create(); - time_t cutoff = time(NULL) - ROUTER_MAX_AGE; + time_t cutoff = time(NULL) - ROUTER_MAX_AGE_TO_PUBLISH; key += strlen("/tor/server/fp/"); dir_split_resource_into_fingerprints(key, digests, NULL, 1); SMARTLIST_FOREACH(digests, const char *, d, diff --git a/src/or/or.h b/src/or/or.h index 5b0f576aa4..97501f1def 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -190,9 +190,14 @@ /** How old do we allow a router to get before removing it * from the router list? In seconds. */ -#define ROUTER_MAX_AGE (60*60*24) +#define ROUTER_MAX_AGE (60*60*48) +/** How old can a router get before we (as a server) will no longer + * consider it live? In seconds. */ +#define ROUTER_MAX_AGE_TO_PUBLISH (60*60*20) /** How old do we let a saved descriptor get before removing it? */ -#define OLD_ROUTER_DESC_MAX_AGE (60*60*48) +#define OLD_ROUTER_DESC_MAX_AGE (60*60*60) +/** How old do we let a networkstatus get before ignoring it? */ +#define NETWORKSTATUS_MAX_AGE (60*60*24) typedef enum { CIRC_ID_TYPE_LOWER=0, diff --git a/src/or/routerlist.c b/src/or/routerlist.c index d2f2e8f5a3..55a9f6a736 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1967,7 +1967,7 @@ add_networkstatus_to_cache(const char *s, /** How far in the future do we allow a network-status to get before removing * it? (seconds) */ -#define NETWORKSTATUS_ALLOW_SKEW (48*60*60) +#define NETWORKSTATUS_ALLOW_SKEW (24*60*60) /** Given a string s containing a network status that we received at * arrived_at from source, try to parse it, see if we want to * store it, and put it into our cache is necessary. @@ -2272,9 +2272,6 @@ update_networkstatus_cache_downloads(time_t now) } } -/*XXXX Should these be configurable? NM*/ -/** How old (in seconds) can a network-status be before we try replacing it? */ -#define NETWORKSTATUS_MAX_VALIDITY (48*60*60) /** How long (in seconds) does a client wait after getting a network status * before downloading the next in sequence? */ #define NETWORKSTATUS_CLIENT_DL_INTERVAL (30*60) @@ -2301,7 +2298,7 @@ update_networkstatus_client_downloads(time_t now) /* This is a little tricky. We want to download enough network-status * objects so that we have at least half of them under - * NETWORKSTATUS_MAX_VALIDITY publication time. We want to download a new + * NETWORKSTATUS_MAX_AGE publication time. We want to download a new * *one* if the most recent one's publication time is under * NETWORKSTATUS_CLIENT_DL_INTERVAL. */ @@ -2317,7 +2314,7 @@ update_networkstatus_client_downloads(time_t now) --n_running_dirservers; continue; } - if (ns->published_on > now-NETWORKSTATUS_MAX_VALIDITY) + if (ns->published_on > now-NETWORKSTATUS_MAX_AGE) ++n_live; if (!most_recent || ns->received_on > most_recent_received) { most_recent_idx = ds_sl_idx; /* magic variable from FOREACH */