nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 05:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

r14769@Kushana: nickm | 2007-10-07 14:00:17 -0400

Browse Source 
Fetch networkstatus consensus documents as needed.  Disabled for clients until more caches support it.


svn:r11788
This commit is contained in:
Nick Mathewson 2007-10-08 17:44:09 +00:00
parent cd69e93d50
commit 3f6e3ce61b
6 changed files with 116 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -15,6 +15,7 @@ Changes in version 0.2.0.8-alpha - 2007-??-??
o Minor features (v3 authority system):
- Add more ways for tools to download the votes that lead to the current
consensus.
- Caches now download v3 network status documents as needed.
o Major bugfixes (performance):
- Fix really bad O(n^2) performance when parsing a long list of routers:

14
doc/TODO
View File

@ -78,8 +78,18 @@ Things we'd like to do in 0.2.0.x:
- When checking a consensus, make sure that its times are plausible.
o Add a function that will eventually tell us about our clock skew.
For now, just require that authorities not be skewed.
- Start caching consensus documents once authorities make them
- Start downloading and using consensus documents once caches serve them
. Start caching consensus documents once authorities make them;
start downloading consensus documents once caches serve
them
o Download code
o Code to schedule downloads
- Code to retry fail downloads
- Code to delay next download while fetching certificates
- Enable for non-caches
- Code to use v3 networkstatus documents once clients are
fetching them
- Implement
- Enable
- Controller support
- GETINFO to get consensus
- Event when new consensus arrives

33
src/or/directory.c
View File

@ -497,8 +497,12 @@ connection_dir_request_failed(dir_connection_t *conn)
log_info(LD_DIR, "Giving up on directory server at '%s'; retrying",
conn->_base.address);
connection_dir_download_routerdesc_failed(conn);
} else if (conn->_base.purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
/* XXXX020 NMNM */
} else if (conn->_base.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
/* XXXX020 NMNM */
} else {
/* XXXX020 handle failing: votes. signatures. certificates. consensus. */
/* XXXX020 handle failing: votes. signatures. */
}
}
@ -1374,11 +1378,29 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
}
if (conn->_base.purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
/*XXXX020*/;
/* XXXX020 NMNM */;
if (status_code != 200) {
log_fn(status_code == 403 ? LOG_INFO : LOG_WARN, LD_DIR,
"Received http status code %d (%s) from server "
"'%s:%d' while fetching consensus directory.",
status_code, escaped(reason), conn->_base.address,
conn->_base.port);
tor_free(body); tor_free(headers); tor_free(reason);
/* XXXX020NMNM retry. */
return -1;
}
log_info(LD_DIR,"Received consensus directory (size %d) from server "
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
if (networkstatus_set_current_consensus(body, 0, 0)<0) {
log_warn(LD_DIR, "Unable to load consensus directory dowloaded from "
"server '%s:%d'", conn->_base.address, conn->_base.port);
tor_free(body); tor_free(headers); tor_free(reason);
/* XXXX020 NMNM retry. */
return -1;
}
log_info(LD_DIR, "Successfully loaded consensus.");
}
if (conn->_base.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
log_info(LD_DIR,"Received authority certificatess (size %d) from server "
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
if (status_code != 200) {
log_fn(status_code == 403 ? LOG_INFO : LOG_WARN, LD_DIR,
"Received http status code %d (%s) from server "
@ -1386,8 +1408,11 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
status_code, escaped(reason), conn->_base.address,
conn->_base.port, conn->requested_resource);
tor_free(body); tor_free(headers); tor_free(reason);
/* XXXX020NMNM retry. */
return -1;
}
log_info(LD_DIR,"Received authority certificatess (size %d) from server "
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
if (trusted_dirs_load_certs_from_string(body, 0)<0) {
log_warn(LD_DIR, "Unable to parse fetched certificates");
} else {

3
src/or/or.h
View File

@ -1247,6 +1247,9 @@ typedef struct routerstatus_t {
unsigned int version_supports_begindir:1;
/** True iff this router is a version that we can post extrainfo docs to. */
unsigned int version_supports_extrainfo_upload:1;
/** True iff this router is a version that, if it caches directory info,
* we can get v3 downloads from. */
unsigned int version_supports_v3_dir:1;
/** True if we, as a directory mirror, want to download the corresponding
* routerinfo from the authority who gave us this routerstatus. (That is,

70
src/or/routerlist.c
View File

@ -34,6 +34,8 @@ static void local_routerstatus_free(local_routerstatus_t *rs);
static void trusted_dir_server_free(trusted_dir_server_t *ds);
static void update_networkstatus_cache_downloads(time_t now);
static void update_networkstatus_client_downloads(time_t now);
static void update_consensus_networkstatus_fetch_time(time_t now);
static void update_consensus_networkstatus_downloads(time_t now);
static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
static int have_tried_downloading_all_statuses(int n_failures);
static routerstatus_t *networkstatus_find_entry(networkstatus_t *ns,
@ -111,6 +113,13 @@ static time_t last_routerdesc_download_attempted = 0;
* mirrors). Clients don't use this now. */
static time_t last_networkstatus_download_attempted = 0;
/** The last time we tried to download a networkstatus, or 0 for "never". We
* use this to rate-limit download attempts for directory caches (including
* mirrors). Clients don't use this now. */
static time_t last_consensus_networkstatus_download_attempted = 0;
/**DOCDOC*/
static time_t time_to_download_next_consensus = 0;
/** True iff we have logged a warning about this OR not being valid or
* not being named. */
static int have_warned_about_invalid_status = 0;
@ -982,6 +991,9 @@ router_pick_directory_server_impl(int requireother, int fascistfirewall,
if (requireother && router_digest_is_me(status->identity_digest))
continue;
is_trusted = router_digest_is_trusted_dir(status->identity_digest);
if ((type & V3_AUTHORITY &&
!(status->version_supports_v3_dir || is_trusted)))
continue; /* is_trusted is not quite right XXXX020. */
if ((type & V2_AUTHORITY) && !(status->is_v2_dir || is_trusted))
continue;
if ((type & EXTRAINFO_CACHE) &&
@ -3921,6 +3933,56 @@ update_networkstatus_client_downloads(time_t now)
smartlist_free(missing);
}
/** DOCDOC */
static void
update_consensus_networkstatus_downloads(time_t now)
{
or_options_t *options = get_options();
if (!options->DirPort) /*XXXX020 remove this. */
return;
if (time_to_download_next_consensus > now)
return;
if (authdir_mode_v3(options))
return;
if (connection_get_by_type_purpose(CONN_TYPE_DIR,
DIR_PURPOSE_FETCH_CONSENSUS))
return;
/* XXXX020 on failure, delay until next retry. */
last_consensus_networkstatus_download_attempted = now;/*XXXX020 use this*/
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
ROUTER_PURPOSE_GENERAL, NULL, 1);
// XXXX020 time_to_download_next_consensus = put it off for a while?
}
/** DOCDOC */
static void
update_consensus_networkstatus_fetch_time(time_t now)
{
or_options_t *options = get_options();
/* XXXX020 call this when DirPort switches on or off. NMNM */
if (current_consensus) {
const networkstatus_vote_t *c = current_consensus;
time_t start;
long interval;
if (options->DirPort) {
start = c->valid_after + 120; /*XXXX020 make this a macro. */
/* XXXX020 too much magic. */
interval = (c->fresh_until - c->valid_after) / 2;
} else {
start = c->fresh_until;
/* XXXX020 too much magic. */
interval = (c->valid_until - c->fresh_until) * 7 / 8;
}
if (interval < 1)
interval = 1;
tor_assert(start+interval < c->valid_until);
time_to_download_next_consensus = start + crypto_rand_int(interval);
} else {
time_to_download_next_consensus = now;
}
}
/** Return 1 if there's a reason we shouldn't try any directory
* fetches yet (e.g. we demand bridges and none are yet known).
* Else return 0. */
@ -3945,6 +4007,7 @@ update_networkstatus_downloads(time_t now)
update_networkstatus_cache_downloads(now);
else
update_networkstatus_client_downloads(now);
update_consensus_networkstatus_downloads(now);
}
/** Clear all our timeouts for fetching v2 directory stuff, and then
@ -4143,6 +4206,8 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
{
networkstatus_vote_t *c;
int r;
time_t now = time(NULL);
/* Make sure it's parseable. */
c = networkstatus_parse_vote_from_string(consensus, NULL, 0);
if (!c) {
@ -4164,6 +4229,7 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
tor_free(consensus_waiting_for_certs_body);
consensus_waiting_for_certs = c;
consensus_waiting_for_certs_body = tor_strdup(consensus);
/*XXXX020 delay next update. NMNM */
if (!from_cache) {
or_options_t *options = get_options();
char filename[512];
@ -4177,7 +4243,7 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
DIR_PURPOSE_FETCH_CERTIFICATE))
authority_certs_fetch_missing(c);
}
return -1; /* XXXX020 shoul*/
return 0;
} else {
if (!was_waiting_for_certs)
log_warn(LD_DIR, "Not enough good signatures on networkstatus "
@ -4208,6 +4274,8 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
current_consensus = c;
update_consensus_networkstatus_fetch_time(now);
if (!from_cache) {
or_options_t *options = get_options();
char filename[512];

2
src/or/routerparse.c
View File

@ -1669,6 +1669,8 @@ routerstatus_parse_entry_from_string(const char **s, smartlist_t *tokens,
tor_version_as_new_as(tok->args[0], "0.1.2.2-alpha");
rs->version_supports_extrainfo_upload =
tor_version_as_new_as(tok->args[0], "0.2.0.0-alpha-dev (r10070)");
rs->version_supports_v3_dir =
tor_version_as_new_as(tok->args[0], "0.2.0.8-alpha");
}
if (vote_rs) {
vote_rs->version = tok->args[0];