Refactor clock skew warning code to avoid duplication

2024-09-20 21:16:22 +02:00 · 2015-12-08 11:32:29 -08:00 · 2015-12-08 11:32:29 -08:00 · d68b7fd442
commit d68b7fd442
parent d015c70a11
5 changed files with 48 additions and 54 deletions
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@ -1663,30 +1663,9 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
 #define NETINFO_NOTICE_SKEW 3600
  if (labs(apparent_skew) > NETINFO_NOTICE_SKEW &&
      router_get_by_id_digest(chan->conn->identity_digest)) {
-    char dbuf[64];
-    int severity;
-    /*XXXX be smarter about when everybody says we are skewed. */
-    if (router_digest_is_trusted_dir(chan->conn->identity_digest))
-      severity = LOG_WARN;
-    else
-      severity = LOG_INFO;
-    format_time_interval(dbuf, sizeof(dbuf), apparent_skew);
-    log_fn(severity, LD_GENERAL,
-           "Received NETINFO cell with skewed time from "
-           "server at %s:%d.  It seems that our clock is %s by %s, or "
-           "that theirs is %s. Tor requires an accurate clock to work: "
-           "please check your time and date settings.",
-           chan->conn->base_.address,
-           (int)(chan->conn->base_.port),
-           apparent_skew > 0 ? "ahead" : "behind",
-           dbuf,
-           apparent_skew > 0 ? "behind" : "ahead");
-    if (severity == LOG_WARN) /* only tell the controller if an authority */
-      control_event_general_status(LOG_WARN,
-                          "CLOCK_SKEW SKEW=%ld SOURCE=OR:%s:%d",
-                          apparent_skew,
-                          chan->conn->base_.address,
-                          chan->conn->base_.port);
+    int trusted = router_digest_is_trusted_dir(chan->conn->identity_digest);
+    clock_skew_warning(TO_CONN(chan->conn), apparent_skew, trusted, LD_GENERAL,
+                       "NETINFO cell", "OR");
  }

  /* XXX maybe act on my_apparent_addr, if the source is sufficiently
--- a/src/or/connection.c
+++ b/src/or/connection.c
@ -5018,3 +5018,33 @@ connection_free_all(void)
 #endif
 }

+/** Log a warning, and possibly emit a control event, that <b>received</b> came
+ * at a skewed time.  <b>trusted</b> indicates that the <b>source</b> was one
+ * that we had more faith in and therefore the warning level should have higher
+ * severity.
+ */
+void
+clock_skew_warning(const connection_t *conn, long apparent_skew, int trusted,
+                   log_domain_mask_t domain, const char *received,
+                   const char *source)
+{
+  char dbuf[64];
+  char *ext_source = NULL;
+  format_time_interval(dbuf, sizeof(dbuf), apparent_skew);
+  if (conn)
+    tor_asprintf(&ext_source, "%s:%s:%d", source, conn->address, conn->port);
+  else
+    ext_source = tor_strdup(source);
+  log_fn(trusted ? LOG_WARN : LOG_INFO, domain,
+         "Received %s with skewed time (%s): "
+         "It seems that our clock is %s by %s, or that theirs is %s%s. "
+         "Tor requires an accurate clock to work: please check your time, "
+         "timezone, and date settings.", received, ext_source,
+         apparent_skew > 0 ? "ahead" : "behind", dbuf,
+         apparent_skew > 0 ? "behind" : "ahead",
+         (!conn || trusted) ? "" : ", or they are sending us the wrong time");
+  if (trusted)
+    control_event_general_status(LOG_WARN, "CLOCK_SKEW SKEW=%ld SOURCE=%s",
+                                 apparent_skew, ext_source);
+  tor_free(ext_source);
+}
--- a/src/or/connection.h
+++ b/src/or/connection.h
@ -210,6 +210,10 @@ int connection_or_nonopen_was_started_here(or_connection_t *conn);
 void connection_dump_buffer_mem_stats(int severity);
 void remove_file_if_very_old(const char *fname, time_t now);

+void clock_skew_warning(const connection_t *conn, long apparent_skew,
+                        int trusted, log_domain_mask_t domain,
+                        const char *received, const char *source);
+
 #ifdef USE_BUFFEREVENTS
 int connection_type_uses_bufferevent(connection_t *conn);
 void connection_configure_bufferevent_callbacks(connection_t *conn);
--- a/src/or/directory.c
+++ b/src/or/directory.c
@ -1595,7 +1595,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
  size_t body_len = 0, orig_len = 0;
  int status_code;
  time_t date_header = 0;
-  long delta;
+  long apparent_skew;
  compress_method_t compression;
  int plausible;
  int skewed = 0;
@ -1654,28 +1654,15 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
     * and the date header.  (We used to check now-date_header, but that's
     * inaccurate if we spend a lot of time downloading.)
     */
-    delta = conn->base_.timestamp_lastwritten - date_header;
-    if (labs(delta)>ALLOW_DIRECTORY_TIME_SKEW) {
-      char dbuf[64];
+    apparent_skew = conn->base_.timestamp_lastwritten - date_header;
+    if (labs(apparent_skew)>ALLOW_DIRECTORY_TIME_SKEW) {
      int trusted = router_digest_is_trusted_dir(conn->identity_digest);
-      format_time_interval(dbuf, sizeof(dbuf), delta);
-      log_fn(trusted ? LOG_WARN : LOG_INFO,
-             LD_HTTP,
-             "Received directory with skewed time (server '%s:%d'): "
-             "It seems that our clock is %s by %s, or that theirs is %s. "
-             "Tor requires an accurate clock to work: please check your time, "
-             "timezone, and date settings.",
-             conn->base_.address, conn->base_.port,
-             delta>0 ? "ahead" : "behind", dbuf,
-             delta>0 ? "behind" : "ahead");
+      clock_skew_warning(TO_CONN(conn), apparent_skew, trusted, LD_HTTP,
+                         "directory", "DIRSERV");
      skewed = 1; /* don't check the recommended-versions line */
-      if (trusted)
-        control_event_general_status(LOG_WARN,
-                                 "CLOCK_SKEW SKEW=%ld SOURCE=DIRSERV:%s:%d",
-                                 delta, conn->base_.address, conn->base_.port);
    } else {
      log_debug(LD_HTTP, "Time on received directory is within tolerance; "
-                "we are %ld seconds skewed.  (That's okay.)", delta);
+                "we are %ld seconds skewed.  (That's okay.)", apparent_skew);
    }
  }
  (void) skewed; /* skewed isn't used yet. */
--- a/src/or/statefile.c
+++ b/src/or/statefile.c
@ -9,6 +9,7 @@
 #include "circuitstats.h"
 #include "config.h"
 #include "confparse.h"
+#include "connection.h"
 #include "entrynodes.h"
 #include "hibernate.h"
 #include "rephist.h"
@ -374,17 +375,10 @@ or_state_load(void)
    log_info(LD_GENERAL, "Loaded state from \"%s\"", fname);
    /* Warn the user if their clock has been set backwards,
     * they could be tricked into using old consensuses */
-    if (new_state->LastWritten > time(NULL)) {
-      char last_written_str[ISO_TIME_LEN+1];
-      char now_str[ISO_TIME_LEN+1];
-      format_iso_time(last_written_str, new_state->LastWritten),
-      format_iso_time(now_str, time(NULL));
-      log_warn(LD_GENERAL, "Your system clock has been set back in time. "
-               "Tor needs an accurate clock to know when the consensus "
-               "expires. You might have an empty clock battery or bad NTP "
-               "server. Clock time is %s, state file time is %s.",
-               now_str, last_written_str);
-    }
+    time_t apparent_skew = new_state->LastWritten - time(NULL);
+    if (apparent_skew > 0)
+      clock_skew_warning(NULL, (long)apparent_skew, 1, LD_GENERAL,
+                         "local state file", fname);
  } else {
    log_info(LD_GENERAL, "Initialized state");
  }