nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-13 22:53:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

r16112@catbus: nickm | 2007-10-24 15:52:03 -0400

Browse Source 
Fix logic for downloading consensuses: make getting an duplicate or not-currently-valid consensus count as a failure.  Make running out of time to get certificates count as a failure.  Delay while fetching certificates.


svn:r12159
This commit is contained in:
Nick Mathewson 2007-10-24 19:53:11 +00:00
parent 9767415dca
commit e0204f2119
4 changed files with 66 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -37,6 +37,11 @@ Changes in version 0.2.0.9-alpha - 2007-10-24
and download operations. and download operations.
- Reattempt certificate downloads immediately on failure, as long as - Reattempt certificate downloads immediately on failure, as long as
we haven't failed a threshold number of times yet. we haven't failed a threshold number of times yet.
- Delay retrying consensus downloads while we're downloading
certificates to verify the one we just got. Also, count getting a
consensus that we already have (or one that isn't valid) as a failure,
and count failing to get the certificates after 20 minutes as a
failure.
o Minor features (router descriptor cache): o Minor features (router descriptor cache):
- If we find a cached-routers file that's been sitting around for more - If we find a cached-routers file that's been sitting around for more

14
doc/TODO
View File

@ -48,11 +48,11 @@ Things we'd like to do in 0.2.0.x:
do more than that. I think some servers are forgetting the results do more than that. I think some servers are forgetting the results
of their first test, and then never seeing use. of their first test, and then never seeing use.
- Before 0.2.0.9-alpha (for nickm) o Before 0.2.0.9-alpha (for nickm)
o Retry cert downloads as appropriate o Retry cert downloads as appropriate
- Delay consensus download retry when there's a unverified consensus we're o Delay consensus download retry when there's a unverified consensus we're
downloading the certs to check downloading the certs to check
- But don't delay forever. o But don't delay forever.
o Make new download types comply with should_delay_dir_fetches() o Make new download types comply with should_delay_dir_fetches()
o When DownloadExtraInfo is turned on for the first time, don't flip o When DownloadExtraInfo is turned on for the first time, don't flip
out and download the ancient history of the universe. out and download the ancient history of the universe.
@ -63,14 +63,14 @@ Things we'd like to do in 0.2.0.x:
- Proposals: - Proposals:
. 101: Voting on the Tor Directory System (plus 103) . 101: Voting on the Tor Directory System (plus 103)
. Validate information properly. . Validate information properly.
- Dump certificates with the wrong time. Or just warn? . Dump certificates with the wrong time. Or just warn?
- When checking a consensus, make sure that its times are plausible. . When checking a consensus, make sure that its times are plausible.
. Start caching consensus documents once authorities make them; . Start caching consensus documents once authorities make them;
start downloading consensus documents once caches serve start downloading consensus documents once caches serve
them them
- Code to delay next download while fetching certificates to verify o Code to delay next download while fetching certificates to verify
a consensus we already got. a consensus we already got.
- Code to retry consensus download if we got one we already have. o Code to retry consensus download if we got one we already have.
- Use if-modified-since on consensus download - Use if-modified-since on consensus download
- Use if-modified-since on certificate download - Use if-modified-since on certificate download
- Controller support - Controller support

1
src/or/directory.c
View File

@ -1449,6 +1449,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port); "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
if (trusted_dirs_load_certs_from_string(body, 0)<0) { if (trusted_dirs_load_certs_from_string(body, 0)<0) {
log_warn(LD_DIR, "Unable to parse fetched certificates"); log_warn(LD_DIR, "Unable to parse fetched certificates");
connection_dir_download_cert_failed(conn, status_code);
} else { } else {
directory_info_has_arrived(now, 0); directory_info_has_arrived(now, 0);
log_info(LD_DIR, "Successfully loaded certificates from fetch."); log_info(LD_DIR, "Successfully loaded certificates from fetch.");

61
src/or/networkstatus.c
View File

@ -38,6 +38,8 @@ static networkstatus_vote_t *current_consensus = NULL;
* have enough certificates to be happy about. */ * have enough certificates to be happy about. */
static networkstatus_vote_t *consensus_waiting_for_certs = NULL; static networkstatus_vote_t *consensus_waiting_for_certs = NULL;
static char *consensus_waiting_for_certs_body = NULL; static char *consensus_waiting_for_certs_body = NULL;
static time_t consensus_waiting_for_certs_set_at = 0;
static int consensus_waiting_for_certs_dl_failed = 0;
/** The last time we tried to download a networkstatus, or 0 for "never". We /** The last time we tried to download a networkstatus, or 0 for "never". We
* use this to rate-limit download attempts for directory caches (including * use this to rate-limit download attempts for directory caches (including
@ -951,6 +953,8 @@ update_v2_networkstatus_cache_downloads(time_t now)
/**DOCDOC*/ /**DOCDOC*/
#define CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES 8 #define CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES 8
/**DOCDOC*/
#define DELAY_WHILE_FETCHING_CERTS (20*60)
/** If we want to download a fresh consensus, launch a new download as /** If we want to download a fresh consensus, launch a new download as
* appropriate. */ * appropriate. */
@ -971,6 +975,17 @@ update_consensus_networkstatus_downloads(time_t now)
DIR_PURPOSE_FETCH_CONSENSUS)) DIR_PURPOSE_FETCH_CONSENSUS))
return; /* There's an in-progress download.*/ return; /* There's an in-progress download.*/
if (consensus_waiting_for_certs) {
if (consensus_waiting_for_certs_set_at + DELAY_WHILE_FETCHING_CERTS > now)
return; /* We're still getting certs for this one. */
else {
if (!consensus_waiting_for_certs_dl_failed) {
download_status_failed(&consensus_dl_status, 0);
consensus_waiting_for_certs_dl_failed=1;
}
}
}
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS, directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
ROUTER_PURPOSE_GENERAL, NULL, 1); ROUTER_PURPOSE_GENERAL, NULL, 1);
} }
@ -1153,7 +1168,9 @@ networkstatus_copy_old_consensus_info(networkstatus_vote_t *new_c,
* <b>consensus</b>. If we don't have enough certificates to validate it, * <b>consensus</b>. If we don't have enough certificates to validate it,
* store it in consensus_waiting_for_certs and launch a certificate fetch. * store it in consensus_waiting_for_certs and launch a certificate fetch.
* *
* Return 0 on success, -1 on failure. */ * Return 0 on success, -1 on failure. On -1, caller should increment
* the failure count as appropriate.
*/
int int
networkstatus_set_current_consensus(const char *consensus, int from_cache, networkstatus_set_current_consensus(const char *consensus, int from_cache,
int was_waiting_for_certs) int was_waiting_for_certs)
@ -1170,6 +1187,20 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
goto done; goto done;
} }
if (current_consensus &&
!memcmp(c->networkstatus_digest, current_consensus->networkstatus_digest,
DIGEST_LEN)) {
/* We already have this one. That's a failure. */
log_info(LD_DIR, "Got a consensus we already have");
goto done;
}
if (current_consensus && c->valid_after <= current_consensus->valid_after) {
/* We have a newer one. */
log_info(LD_DIR, "Got a consensus at least as old as the one we have");
goto done;
}
consensus_fname = get_datadir_fname("cached-consensus"); consensus_fname = get_datadir_fname("cached-consensus");
unverified_fname = get_datadir_fname("unverified-consensus"); unverified_fname = get_datadir_fname("unverified-consensus");
@ -1187,34 +1218,33 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
tor_free(consensus_waiting_for_certs_body); tor_free(consensus_waiting_for_certs_body);
consensus_waiting_for_certs = c; consensus_waiting_for_certs = c;
consensus_waiting_for_certs_body = tor_strdup(consensus); consensus_waiting_for_certs_body = tor_strdup(consensus);
/*XXXX020 delay next update. NMNM */ consensus_waiting_for_certs_set_at = now;
consensus_waiting_for_certs_dl_failed = 0;
if (!from_cache) { if (!from_cache) {
write_str_to_file(unverified_fname, consensus, 0); write_str_to_file(unverified_fname, consensus, 0);
} }
authority_certs_fetch_missing(c, now); authority_certs_fetch_missing(c, now);
/* This case is not a success or a failure until we get the certs
* or fail to get the certs. */
result = 0;
} else { } else {
/* Even if we had enough signatures, we'd never use this as the /* Even if we had enough signatures, we'd never use this as the
* latest consensus. */ * latest consensus. */
if (was_waiting_for_certs && from_cache) if (was_waiting_for_certs && from_cache)
unlink(unverified_fname); unlink(unverified_fname);
} }
download_status_reset(&consensus_dl_status); /*XXXX020 not quite right.*/
result = 0;
goto done; goto done;
} else { } else {
/* This can never be signed enough Kill it. */ /* This can never be signed enough: Kill it. */
if (!was_waiting_for_certs) if (!was_waiting_for_certs)
log_warn(LD_DIR, "Not enough good signatures on networkstatus " log_warn(LD_DIR, "Not enough good signatures on networkstatus "
"consensus"); "consensus");
if (was_waiting_for_certs && from_cache) if (was_waiting_for_certs && (r < -1) && from_cache)
unlink(unverified_fname); unlink(unverified_fname);
networkstatus_vote_free(c);
goto done; goto done;
} }
} }
download_status_reset(&consensus_dl_status); /*XXXX020 not quite right.*/
/* XXXX020 check dates for plausibility. Don't trust a consensus whose /* XXXX020 check dates for plausibility. Don't trust a consensus whose
* valid-after date is very far in the future. */ * valid-after date is very far in the future. */
@ -1233,10 +1263,21 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
consensus_waiting_for_certs = NULL; consensus_waiting_for_certs = NULL;
if (consensus != consensus_waiting_for_certs_body) if (consensus != consensus_waiting_for_certs_body)
tor_free(consensus_waiting_for_certs_body); tor_free(consensus_waiting_for_certs_body);
consensus_waiting_for_certs_set_at = 0;
consensus_waiting_for_certs_dl_failed = 0;
unlink(unverified_fname); unlink(unverified_fname);
} }
/* Reset the failure count only if this consensus is actually valid. */
if (c->valid_after <= now && now <= c->valid_until) {
download_status_reset(&consensus_dl_status);
} else {
if (!from_cache)
download_status_failed(&consensus_dl_status, 0);
}
current_consensus = c; current_consensus = c;
c = NULL; /* Prevent free. */
update_consensus_networkstatus_fetch_time(now); update_consensus_networkstatus_fetch_time(now);
dirvote_recalculate_timing(get_options(), now); dirvote_recalculate_timing(get_options(), now);
@ -1253,6 +1294,8 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
result = 0; result = 0;
done: done:
if (c)
networkstatus_vote_free(c);
tor_free(consensus_fname); tor_free(consensus_fname);
tor_free(unverified_fname); tor_free(unverified_fname);
return result; return result;