Fallbacks: use a 24 hour future consensus tolerance

Tor clients on 0.3.5.6-rc? and later will use a consensus that will become
valid up to 24 hours in the future.

Clients on 0.3.5.5-alpha? and earlier won't accept future consensuses.

Update the fallback expiry tolerance to match tor's checks.

Part of 28768, follow-up on 28591.

changes/ticket28768

@@ -1,4 +1,4 @@
   o Minor features (fallback directory mirrors):
     - Accept fallbacks that deliver reasonably live consensuses.
-      (Consensuses that expired less than 24 hours ago.)
+      (Consensuses that will become valid less than 24 hours in the future,
-      Closes ticket 28768.
+      or that expired less than 24 hours ago.) Closes ticket 28768.

scripts/maint/updateFallbackDirs.py

@@ -98,14 +98,19 @@ MUST_BE_RUNNING_NOW = (PERFORM_IPV4_DIRPORT_CHECKS
 # Clients have been using microdesc consensuses by default for a while now
 DOWNLOAD_MICRODESC_CONSENSUS = True
 
-# If a relay delivers an invalid consensus, if it expired less than this many
+# If a relay delivers an invalid consensus, if it will become valid less than
-# seconds ago, accept the relay as a fallback. For the consensus expiry check
+# this many seconds in the future, or expired less than this many seconds ago,
-# to be accurate, the machine running this script needs an accurate clock.
+# accept the relay as a fallback. For the consensus expiry check to be
+# accurate, the machine running this script needs an accurate clock.
 #
 # Relays on 0.3.0 and later return a 404 when they are about to serve a
 # consensus that expired more than 24 hours ago. 0.2.9 and earlier relays
 # will serve consensuses that are very old.
 #
+# Relays on 0.3.5.6-rc? and later return a 404 when they are about to serve a
+# consensus that will become valid more than 24 hours in the future. Older
+# relays don't serve future consensuses.
+#
 # A 404 makes relays fail the download check. We use a tolerance of 24 hours,
 # so that 0.2.9 relays also fail the download check if they serve a consensus
 # that is not reasonably live.
@@ -1127,6 +1132,7 @@ class Candidate(object):
                                 ).run()[0]
       end = datetime.datetime.utcnow()
       time_since_expiry = (end - consensus.valid_until).total_seconds()
+      time_until_valid = (consensus.valid_after - end).total_seconds()
     except Exception, stem_error:
       end = datetime.datetime.utcnow()
       log_excluded('Unable to retrieve a consensus from %s: %s', nickname,
@@ -1151,6 +1157,15 @@ class Candidate(object):
         status += ', invalid'
         level = logging.WARNING
         download_failed = True
+    elif (time_until_valid > 0):
+      status = 'future consensus, valid in %ds'%(int(time_until_valid))
+      if time_until_valid <= CONSENSUS_EXPIRY_TOLERANCE:
+        status += ', tolerating up to %ds'%(CONSENSUS_EXPIRY_TOLERANCE)
+        level = logging.INFO
+      else:
+        status += ', invalid'
+        level = logging.WARNING
+        download_failed = True
     else:
       status = 'ok'
       level = logging.DEBUG