When there's no concensus, we were forming a vote every 30

minutes, but writing the "valid-after" line in our vote based
on our configured V3AuthVotingInterval: so unless the intervals
matched up, we immediately rejected our own vote because it didn't
start at the voting interval that caused us to construct a vote.

This caused log entries like:

Oct 23 01:16:16.303 [notice] Choosing expected valid-after time
as 2007-10-23 05:30:00: consensus_set=0, interval=1800
...
Oct 23 01:20:01.203 [notice] Choosing valid-after time in vote as
2007-10-23 06:00:00: consensus_set=0, interval=3600
Oct 23 01:20:01.290 [warn] Rejecting vote with valid-after time of
2007-10-23 06:00:00; we were expecting 2007-10-23 05:30:00
Oct 23 01:20:01.291 [warn] Couldn't store my own vote! (I told
myself, 'Bad valid-after time'.)

Nick, you should look at this, as it's your design. :)


svn:r12129
This commit is contained in:
Roger Dingledine 2007-10-23 06:38:16 +00:00
parent 03eb85b122
commit cb2b49c9c4
4 changed files with 15 additions and 7 deletions

View File

@ -74,6 +74,11 @@ Changes in version 0.2.0.9-alpha - 2007-10-??
- Distinguish between detached signatures for the wrong period, and - Distinguish between detached signatures for the wrong period, and
detached signatures for a divergent vote. detached signatures for a divergent vote.
- Fix a small memory leak when computing a consensus. - Fix a small memory leak when computing a consensus.
- When there's no concensus, we were forming a vote every 30
minutes, but writing the "valid-after" line in our vote based
on our configured V3AuthVotingInterval: so unless the intervals
matched up, we immediately rejected our own vote because it didn't
start at the voting interval that caused us to construct a vote.
o Minor bugfixes (v3 directory protocol): o Minor bugfixes (v3 directory protocol):
- Delete unverified-consensus when the real consensus is set. - Delete unverified-consensus when the real consensus is set.

View File

@ -1969,18 +1969,18 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_env_t *private_key,
char tbuf[ISO_TIME_LEN+1]; char tbuf[ISO_TIME_LEN+1];
networkstatus_vote_t *current_consensus = networkstatus_vote_t *current_consensus =
networkstatus_get_live_consensus(now); networkstatus_get_live_consensus(now);
time_t consensus_interval; time_t last_consensus_interval; /* only used to pick a valid_after */
if (current_consensus) if (current_consensus)
consensus_interval = current_consensus->fresh_until - last_consensus_interval = current_consensus->fresh_until -
current_consensus->valid_after; current_consensus->valid_after;
else else
consensus_interval = timing.vote_interval; last_consensus_interval = DEFAULT_VOTING_INTERVAL_WHEN_NO_CONSENSUS;
v3_out->valid_after = v3_out->valid_after =
dirvote_get_start_of_next_interval(now, consensus_interval); dirvote_get_start_of_next_interval(now, last_consensus_interval);
format_iso_time(tbuf, v3_out->valid_after); format_iso_time(tbuf, v3_out->valid_after);
log_notice(LD_DIR,"Choosing valid-after time in vote as %s: " log_notice(LD_DIR,"Choosing valid-after time in vote as %s: "
"consensus_set=%d, interval=%d", "consensus_set=%d, last_interval=%d",
tbuf, current_consensus?1:0, (int)consensus_interval); tbuf, current_consensus?1:0, (int)last_consensus_interval);
} }
v3_out->fresh_until = v3_out->valid_after + timing.vote_interval; v3_out->fresh_until = v3_out->valid_after + timing.vote_interval;
v3_out->valid_until = v3_out->valid_after + v3_out->valid_until = v3_out->valid_after +

View File

@ -1217,7 +1217,7 @@ dirvote_recalculate_timing(or_options_t *options, time_t now)
vote_delay = consensus->vote_seconds; vote_delay = consensus->vote_seconds;
dist_delay = consensus->dist_seconds; dist_delay = consensus->dist_seconds;
} else { } else {
interval = 30*60; interval = DEFAULT_VOTING_INTERVAL_WHEN_NO_CONSENSUS;
vote_delay = dist_delay = 300; vote_delay = dist_delay = 300;
} }

View File

@ -2907,6 +2907,9 @@ cached_dir_t *new_cached_dir(char *s, time_t published);
/** Smallest allowable voting interval. */ /** Smallest allowable voting interval. */
#define MIN_VOTE_INTERVAL 300 #define MIN_VOTE_INTERVAL 300
/** If there is no consensus, what interval do we default to? */
#define DEFAULT_VOTING_INTERVAL_WHEN_NO_CONSENSUS (30*60)
void dirvote_free_all(void); void dirvote_free_all(void);
/* vote manipulation */ /* vote manipulation */