mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 06:13:31 +01:00
Merge branch 'asn_bug24977_final_squashed' into maint-0.3.4
This commit is contained in:
commit
7b9cd5cca5
5
changes/bug24977
Normal file
5
changes/bug24977
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
o Minor bugfixes (onion services):
|
||||||
|
- Recompute some consensus information after clock skews or when we
|
||||||
|
transition from a non-live consensus to a live consensus. We do this to
|
||||||
|
avoid having an outdated state which could impact next-generation onion
|
||||||
|
services. Fixes bug 24977; bugfix on 0.3.2.1-alpha.
|
@ -1332,15 +1332,20 @@ hs_get_responsible_hsdirs(const ed25519_public_key_t *blinded_pk,
|
|||||||
|
|
||||||
sorted_nodes = smartlist_new();
|
sorted_nodes = smartlist_new();
|
||||||
|
|
||||||
/* Add every node_t that support HSDir v3 for which we do have a valid
|
/* Make sure we actually have a live consensus */
|
||||||
* hsdir_index already computed for them for this consensus. */
|
networkstatus_t *c = networkstatus_get_live_consensus(approx_time());
|
||||||
{
|
|
||||||
networkstatus_t *c = networkstatus_get_latest_consensus();
|
|
||||||
if (!c || smartlist_len(c->routerstatus_list) == 0) {
|
if (!c || smartlist_len(c->routerstatus_list) == 0) {
|
||||||
log_warn(LD_REND, "No valid consensus so we can't get the responsible "
|
log_warn(LD_REND, "No live consensus so we can't get the responsible "
|
||||||
"hidden service directories.");
|
"hidden service directories.");
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Ensure the nodelist is fresh, since it contains the HSDir indices. */
|
||||||
|
nodelist_ensure_freshness(c);
|
||||||
|
|
||||||
|
/* Add every node_t that support HSDir v3 for which we do have a valid
|
||||||
|
* hsdir_index already computed for them for this consensus. */
|
||||||
|
{
|
||||||
SMARTLIST_FOREACH_BEGIN(c->routerstatus_list, const routerstatus_t *, rs) {
|
SMARTLIST_FOREACH_BEGIN(c->routerstatus_list, const routerstatus_t *, rs) {
|
||||||
/* Even though this node_t object won't be modified and should be const,
|
/* Even though this node_t object won't be modified and should be const,
|
||||||
* we can't add const object in a smartlist_t. */
|
* we can't add const object in a smartlist_t. */
|
||||||
|
@ -113,6 +113,11 @@ typedef struct nodelist_t {
|
|||||||
|
|
||||||
/* Set of addresses that belong to nodes we believe in. */
|
/* Set of addresses that belong to nodes we believe in. */
|
||||||
address_set_t *node_addrs;
|
address_set_t *node_addrs;
|
||||||
|
|
||||||
|
/* The valid-after time of the last live consensus that initialized the
|
||||||
|
* nodelist. We use this to detect outdated nodelists that need to be
|
||||||
|
* rebuilt using a newer consensus. */
|
||||||
|
time_t live_consensus_valid_after;
|
||||||
} nodelist_t;
|
} nodelist_t;
|
||||||
|
|
||||||
static inline unsigned int
|
static inline unsigned int
|
||||||
@ -630,6 +635,12 @@ nodelist_set_consensus(networkstatus_t *ns)
|
|||||||
}
|
}
|
||||||
} SMARTLIST_FOREACH_END(node);
|
} SMARTLIST_FOREACH_END(node);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* If the consensus is live, note down the consensus valid-after that formed
|
||||||
|
* the nodelist. */
|
||||||
|
if (networkstatus_is_live(ns, approx_time())) {
|
||||||
|
the_nodelist->live_consensus_valid_after = ns->valid_after;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Helper: return true iff a node has a usable amount of information*/
|
/** Helper: return true iff a node has a usable amount of information*/
|
||||||
@ -854,6 +865,25 @@ nodelist_assert_ok(void)
|
|||||||
digestmap_free(dm, NULL);
|
digestmap_free(dm, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Ensure that the nodelist has been created with the most recent consensus.
|
||||||
|
* If that's not the case, make it so. */
|
||||||
|
void
|
||||||
|
nodelist_ensure_freshness(networkstatus_t *ns)
|
||||||
|
{
|
||||||
|
tor_assert(ns);
|
||||||
|
|
||||||
|
/* We don't even have a nodelist: this is a NOP. */
|
||||||
|
if (!the_nodelist) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
|
||||||
|
log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
|
||||||
|
(int) the_nodelist->live_consensus_valid_after,
|
||||||
|
(int) ns->valid_after);
|
||||||
|
nodelist_set_consensus(ns);
|
||||||
|
}
|
||||||
|
}
|
||||||
/** Return a list of a node_t * for every node we know about. The caller
|
/** Return a list of a node_t * for every node we know about. The caller
|
||||||
* MUST NOT modify the list. (You can set and clear flags in the nodes if
|
* MUST NOT modify the list. (You can set and clear flags in the nodes if
|
||||||
* you must, but you must not add or remove nodes.) */
|
* you must, but you must not add or remove nodes.) */
|
||||||
|
@ -29,6 +29,7 @@ const node_t *node_get_by_hex_id(const char *identity_digest,
|
|||||||
node_t *nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out);
|
node_t *nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out);
|
||||||
node_t *nodelist_add_microdesc(microdesc_t *md);
|
node_t *nodelist_add_microdesc(microdesc_t *md);
|
||||||
void nodelist_set_consensus(networkstatus_t *ns);
|
void nodelist_set_consensus(networkstatus_t *ns);
|
||||||
|
void nodelist_ensure_freshness(networkstatus_t *ns);
|
||||||
int nodelist_probably_contains_address(const tor_addr_t *addr);
|
int nodelist_probably_contains_address(const tor_addr_t *addr);
|
||||||
|
|
||||||
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md);
|
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md);
|
||||||
|
@ -83,6 +83,10 @@ get_voting_schedule(const or_options_t *options, time_t now, int severity)
|
|||||||
interval = (int)( consensus->fresh_until - consensus->valid_after );
|
interval = (int)( consensus->fresh_until - consensus->valid_after );
|
||||||
vote_delay = consensus->vote_seconds;
|
vote_delay = consensus->vote_seconds;
|
||||||
dist_delay = consensus->dist_seconds;
|
dist_delay = consensus->dist_seconds;
|
||||||
|
|
||||||
|
/* Note down the consensus valid after, so that we detect outdated voting
|
||||||
|
* schedules in case of skewed clocks etc. */
|
||||||
|
new_voting_schedule->live_consensus_valid_after = consensus->valid_after;
|
||||||
} else {
|
} else {
|
||||||
interval = options->TestingV3AuthInitialVotingInterval;
|
interval = options->TestingV3AuthInitialVotingInterval;
|
||||||
vote_delay = options->TestingV3AuthInitialVoteDelay;
|
vote_delay = options->TestingV3AuthInitialVoteDelay;
|
||||||
@ -138,14 +142,34 @@ voting_schedule_t voting_schedule;
|
|||||||
time_t
|
time_t
|
||||||
voting_schedule_get_next_valid_after_time(void)
|
voting_schedule_get_next_valid_after_time(void)
|
||||||
{
|
{
|
||||||
|
time_t now = approx_time();
|
||||||
|
bool need_to_recalculate_voting_schedule = false;
|
||||||
|
|
||||||
/* This is a safe guard in order to make sure that the voting schedule
|
/* This is a safe guard in order to make sure that the voting schedule
|
||||||
* static object is at least initialized. Using this function with a zeroed
|
* static object is at least initialized. Using this function with a zeroed
|
||||||
* voting schedule can lead to bugs. */
|
* voting schedule can lead to bugs. */
|
||||||
if (tor_mem_is_zero((const char *) &voting_schedule,
|
if (tor_mem_is_zero((const char *) &voting_schedule,
|
||||||
sizeof(voting_schedule))) {
|
sizeof(voting_schedule))) {
|
||||||
voting_schedule_recalculate_timing(get_options(), time(NULL));
|
need_to_recalculate_voting_schedule = true;
|
||||||
|
goto done; /* no need for next check if we have to recalculate anyway */
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Also make sure we are not using an outdated voting schedule. If we have a
|
||||||
|
* newer consensus, make sure we recalculate the voting schedule. */
|
||||||
|
const networkstatus_t *ns = networkstatus_get_live_consensus(now);
|
||||||
|
if (ns && ns->valid_after != voting_schedule.live_consensus_valid_after) {
|
||||||
|
log_info(LD_DIR, "Voting schedule is outdated: recalculating (%d/%d)",
|
||||||
|
(int) ns->valid_after,
|
||||||
|
(int) voting_schedule.live_consensus_valid_after);
|
||||||
|
need_to_recalculate_voting_schedule = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
done:
|
||||||
|
if (need_to_recalculate_voting_schedule) {
|
||||||
|
voting_schedule_recalculate_timing(get_options(), now);
|
||||||
voting_schedule.created_on_demand = 1;
|
voting_schedule.created_on_demand = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return voting_schedule.interval_starts;
|
return voting_schedule.interval_starts;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -43,6 +43,10 @@ typedef struct {
|
|||||||
* timings only for the first vote even though this object was initilized
|
* timings only for the first vote even though this object was initilized
|
||||||
* prior to voting. */
|
* prior to voting. */
|
||||||
int created_on_demand;
|
int created_on_demand;
|
||||||
|
|
||||||
|
/** The valid-after time of the last live consensus that filled this voting
|
||||||
|
* schedule. It's used to detect outdated voting schedules. */
|
||||||
|
time_t live_consensus_valid_after;
|
||||||
} voting_schedule_t;
|
} voting_schedule_t;
|
||||||
|
|
||||||
/* Public API. */
|
/* Public API. */
|
||||||
|
Loading…
Reference in New Issue
Block a user