r16278@catbus: nickm | 2007-10-30 09:46:28 -0400

Accept future networkstatus documents, but warn about skew when we get them.


svn:r12282
This commit is contained in:
Nick Mathewson 2007-10-30 15:17:01 +00:00
parent 07621f090f
commit 7709fb7143
4 changed files with 19 additions and 9 deletions

View File

@ -36,6 +36,7 @@ Changes in version 0.2.0.10-alpha - 2007-1?-??
- When we have no consensus, check FallbackNetworkstatusFile (defaults
to $PREFIX/share/tor/fallback-consensus) for a consensus. This way
we start knowing some directory caches.
- When we receive a consensus from the future, warn about skew.
- Utilities:
- Update linux-tor-prio.sh script to allow QoS based on the uid of

View File

@ -58,8 +58,8 @@ Things we'd like to do in 0.2.0.x:
- Revised handshake.
- Have a 'waiting_for_authentication' state.
- Only do version negotiation if we use the normalized TLS.
- Skew issues:
- if you load (nick says receive/set/anything) a consensus that's
. Skew issues:
o if you load (nick says receive/set/anything) a consensus that's
in the future, then log about skew.
- should change the "skew complaint" to specify in largest units
rather than just seconds.

View File

@ -1200,12 +1200,14 @@ $Id$
CLOCK_SKEW
SKEW="+" / "-" SECONDS
SOURCE="DIRSERV:IP:Port" / "NETWORKSTATUS:IP:PORT"
SOURCE="DIRSERV:IP:Port" / "NETWORKSTATUS:IP:PORT" / "CONSENSUS"
If "SKEW" is present, it's an estimate of how far we are from the
time declared in the source. If the source is a DIRSERV, we got
the current time from a connection to a dirserver. If the source is
a NETWORKSTATUS, we decided we're skewed because we got a
networkstatus from far in the future.
a NETWORKSTATUS, we decided we're skewed because we got a v2
networkstatus from far in the future. If the source is
CONSENSUS, we decided we're skewed because we got a networkstatus
consensus from the future.
{Controllers may want to warn the user if the skew is high, or if
multiple skew messages appear at severity WARN. Controllers

View File

@ -1235,7 +1235,8 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
}
if (current_consensus && c->valid_after <= current_consensus->valid_after) {
/* We have a newer one. */
/* We have a newer one. There's no point in accepting this one,
* even if it's great. */
log_info(LD_DIR, "Got a consensus at least as old as the one we have");
goto done;
}
@ -1284,9 +1285,6 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
}
}
/* XXXX020 check dates for plausibility. Don't trust a consensus whose
* valid-after date is very far in the future. */
/* Are we missing any certificates at all? */
if (r != 1)
authority_certs_fetch_missing(c, now);
@ -1330,6 +1328,15 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
dirserv_set_cached_networkstatus_v3(consensus,
current_consensus->valid_after);
if (ftime_definitely_before(now, current_consensus->valid_after)) {
char buf[ISO_TIME_LEN+1];
format_iso_time(buf, current_consensus->valid_after);
log_warn(LD_GENERAL, "Consensus network status document was published "
"at some time in the future (%s GMT). Check your time and date "
"settings!", buf);
control_event_general_status(LOG_WARN, "CLOCK_SKEW SOURCE=CONSENSUS");
}
router_dir_info_changed();
result = 0;