From cd279ca7f59cba46a319854c9e7f65fbb6f0a0af Mon Sep 17 00:00:00 2001 From: "teor (Tim Wilson-Brown)" Date: Wed, 30 Sep 2015 13:33:56 +0200 Subject: [PATCH 1/2] Warn when the system clock is set back in time Warn when the state file was last written in the future. Tor doesn't know that consensuses have expired if the clock is in the past. Patch by "teor". Implements ticket #17188. --- changes/warn-when-time-goes-backwards | 5 +++++ src/or/statefile.c | 12 ++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 changes/warn-when-time-goes-backwards diff --git a/changes/warn-when-time-goes-backwards b/changes/warn-when-time-goes-backwards new file mode 100644 index 0000000000..d7e584d9ff --- /dev/null +++ b/changes/warn-when-time-goes-backwards @@ -0,0 +1,5 @@ + o Minor features (security, clock): + - Warn when the system clock is set back in time (when the + state file was last written in the future). Tor doesn't know + that consensuses have expired if the clock is in the past. + Patch by "teor". Implements ticket #17188. diff --git a/src/or/statefile.c b/src/or/statefile.c index dd1894beb7..a904c411f4 100644 --- a/src/or/statefile.c +++ b/src/or/statefile.c @@ -372,6 +372,18 @@ or_state_load(void) new_state = or_state_new(); } else if (contents) { log_info(LD_GENERAL, "Loaded state from \"%s\"", fname); + /* Warn the user if their clock has been set backwards, + * they could be tricked into using old consensuses */ + if (new_state->LastWritten > time(NULL)) { + char last_written_str[ISO_TIME_LEN+1]; + char now_str[ISO_TIME_LEN+1]; + format_iso_time(last_written_str, new_state->LastWritten), + format_iso_time(now_str, time(NULL)); + log_warn(LD_GENERAL, "Your system clock has been set back in time. " + "Tor needs an accurate clock to know when the consensus " + "expires. Clock time is %s, state file time is %s.", + now_str, last_written_str); + } } else { log_info(LD_GENERAL, "Initialized state"); } From 763cb393d3ae6dee8f25afca011e5ec1796ed970 Mon Sep 17 00:00:00 2001 From: "teor (Tim Wilson-Brown)" Date: Thu, 1 Oct 2015 09:58:15 +0200 Subject: [PATCH 2/2] fixup #17188: Add most likely reasons for clock going backwards Add "You might have an empty clock battery or bad NTP server." --- src/or/statefile.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/or/statefile.c b/src/or/statefile.c index a904c411f4..7481cd71cb 100644 --- a/src/or/statefile.c +++ b/src/or/statefile.c @@ -381,7 +381,8 @@ or_state_load(void) format_iso_time(now_str, time(NULL)); log_warn(LD_GENERAL, "Your system clock has been set back in time. " "Tor needs an accurate clock to know when the consensus " - "expires. Clock time is %s, state file time is %s.", + "expires. You might have an empty clock battery or bad NTP " + "server. Clock time is %s, state file time is %s.", now_str, last_written_str); } } else {