mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 06:13:31 +01:00
r16112@catbus: nickm | 2007-10-24 15:52:03 -0400
Fix logic for downloading consensuses: make getting an duplicate or not-currently-valid consensus count as a failure. Make running out of time to get certificates count as a failure. Delay while fetching certificates. svn:r12159
This commit is contained in:
parent
9767415dca
commit
e0204f2119
@ -37,6 +37,11 @@ Changes in version 0.2.0.9-alpha - 2007-10-24
|
|||||||
and download operations.
|
and download operations.
|
||||||
- Reattempt certificate downloads immediately on failure, as long as
|
- Reattempt certificate downloads immediately on failure, as long as
|
||||||
we haven't failed a threshold number of times yet.
|
we haven't failed a threshold number of times yet.
|
||||||
|
- Delay retrying consensus downloads while we're downloading
|
||||||
|
certificates to verify the one we just got. Also, count getting a
|
||||||
|
consensus that we already have (or one that isn't valid) as a failure,
|
||||||
|
and count failing to get the certificates after 20 minutes as a
|
||||||
|
failure.
|
||||||
|
|
||||||
o Minor features (router descriptor cache):
|
o Minor features (router descriptor cache):
|
||||||
- If we find a cached-routers file that's been sitting around for more
|
- If we find a cached-routers file that's been sitting around for more
|
||||||
|
14
doc/TODO
14
doc/TODO
@ -48,11 +48,11 @@ Things we'd like to do in 0.2.0.x:
|
|||||||
do more than that. I think some servers are forgetting the results
|
do more than that. I think some servers are forgetting the results
|
||||||
of their first test, and then never seeing use.
|
of their first test, and then never seeing use.
|
||||||
|
|
||||||
- Before 0.2.0.9-alpha (for nickm)
|
o Before 0.2.0.9-alpha (for nickm)
|
||||||
o Retry cert downloads as appropriate
|
o Retry cert downloads as appropriate
|
||||||
- Delay consensus download retry when there's a unverified consensus we're
|
o Delay consensus download retry when there's a unverified consensus we're
|
||||||
downloading the certs to check
|
downloading the certs to check
|
||||||
- But don't delay forever.
|
o But don't delay forever.
|
||||||
o Make new download types comply with should_delay_dir_fetches()
|
o Make new download types comply with should_delay_dir_fetches()
|
||||||
o When DownloadExtraInfo is turned on for the first time, don't flip
|
o When DownloadExtraInfo is turned on for the first time, don't flip
|
||||||
out and download the ancient history of the universe.
|
out and download the ancient history of the universe.
|
||||||
@ -63,14 +63,14 @@ Things we'd like to do in 0.2.0.x:
|
|||||||
- Proposals:
|
- Proposals:
|
||||||
. 101: Voting on the Tor Directory System (plus 103)
|
. 101: Voting on the Tor Directory System (plus 103)
|
||||||
. Validate information properly.
|
. Validate information properly.
|
||||||
- Dump certificates with the wrong time. Or just warn?
|
. Dump certificates with the wrong time. Or just warn?
|
||||||
- When checking a consensus, make sure that its times are plausible.
|
. When checking a consensus, make sure that its times are plausible.
|
||||||
. Start caching consensus documents once authorities make them;
|
. Start caching consensus documents once authorities make them;
|
||||||
start downloading consensus documents once caches serve
|
start downloading consensus documents once caches serve
|
||||||
them
|
them
|
||||||
- Code to delay next download while fetching certificates to verify
|
o Code to delay next download while fetching certificates to verify
|
||||||
a consensus we already got.
|
a consensus we already got.
|
||||||
- Code to retry consensus download if we got one we already have.
|
o Code to retry consensus download if we got one we already have.
|
||||||
- Use if-modified-since on consensus download
|
- Use if-modified-since on consensus download
|
||||||
- Use if-modified-since on certificate download
|
- Use if-modified-since on certificate download
|
||||||
- Controller support
|
- Controller support
|
||||||
|
@ -1449,6 +1449,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
|
|||||||
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
|
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
|
||||||
if (trusted_dirs_load_certs_from_string(body, 0)<0) {
|
if (trusted_dirs_load_certs_from_string(body, 0)<0) {
|
||||||
log_warn(LD_DIR, "Unable to parse fetched certificates");
|
log_warn(LD_DIR, "Unable to parse fetched certificates");
|
||||||
|
connection_dir_download_cert_failed(conn, status_code);
|
||||||
} else {
|
} else {
|
||||||
directory_info_has_arrived(now, 0);
|
directory_info_has_arrived(now, 0);
|
||||||
log_info(LD_DIR, "Successfully loaded certificates from fetch.");
|
log_info(LD_DIR, "Successfully loaded certificates from fetch.");
|
||||||
|
@ -38,6 +38,8 @@ static networkstatus_vote_t *current_consensus = NULL;
|
|||||||
* have enough certificates to be happy about. */
|
* have enough certificates to be happy about. */
|
||||||
static networkstatus_vote_t *consensus_waiting_for_certs = NULL;
|
static networkstatus_vote_t *consensus_waiting_for_certs = NULL;
|
||||||
static char *consensus_waiting_for_certs_body = NULL;
|
static char *consensus_waiting_for_certs_body = NULL;
|
||||||
|
static time_t consensus_waiting_for_certs_set_at = 0;
|
||||||
|
static int consensus_waiting_for_certs_dl_failed = 0;
|
||||||
|
|
||||||
/** The last time we tried to download a networkstatus, or 0 for "never". We
|
/** The last time we tried to download a networkstatus, or 0 for "never". We
|
||||||
* use this to rate-limit download attempts for directory caches (including
|
* use this to rate-limit download attempts for directory caches (including
|
||||||
@ -951,6 +953,8 @@ update_v2_networkstatus_cache_downloads(time_t now)
|
|||||||
|
|
||||||
/**DOCDOC*/
|
/**DOCDOC*/
|
||||||
#define CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES 8
|
#define CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES 8
|
||||||
|
/**DOCDOC*/
|
||||||
|
#define DELAY_WHILE_FETCHING_CERTS (20*60)
|
||||||
|
|
||||||
/** If we want to download a fresh consensus, launch a new download as
|
/** If we want to download a fresh consensus, launch a new download as
|
||||||
* appropriate. */
|
* appropriate. */
|
||||||
@ -971,6 +975,17 @@ update_consensus_networkstatus_downloads(time_t now)
|
|||||||
DIR_PURPOSE_FETCH_CONSENSUS))
|
DIR_PURPOSE_FETCH_CONSENSUS))
|
||||||
return; /* There's an in-progress download.*/
|
return; /* There's an in-progress download.*/
|
||||||
|
|
||||||
|
if (consensus_waiting_for_certs) {
|
||||||
|
if (consensus_waiting_for_certs_set_at + DELAY_WHILE_FETCHING_CERTS > now)
|
||||||
|
return; /* We're still getting certs for this one. */
|
||||||
|
else {
|
||||||
|
if (!consensus_waiting_for_certs_dl_failed) {
|
||||||
|
download_status_failed(&consensus_dl_status, 0);
|
||||||
|
consensus_waiting_for_certs_dl_failed=1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
|
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
|
||||||
ROUTER_PURPOSE_GENERAL, NULL, 1);
|
ROUTER_PURPOSE_GENERAL, NULL, 1);
|
||||||
}
|
}
|
||||||
@ -1153,7 +1168,9 @@ networkstatus_copy_old_consensus_info(networkstatus_vote_t *new_c,
|
|||||||
* <b>consensus</b>. If we don't have enough certificates to validate it,
|
* <b>consensus</b>. If we don't have enough certificates to validate it,
|
||||||
* store it in consensus_waiting_for_certs and launch a certificate fetch.
|
* store it in consensus_waiting_for_certs and launch a certificate fetch.
|
||||||
*
|
*
|
||||||
* Return 0 on success, -1 on failure. */
|
* Return 0 on success, -1 on failure. On -1, caller should increment
|
||||||
|
* the failure count as appropriate.
|
||||||
|
*/
|
||||||
int
|
int
|
||||||
networkstatus_set_current_consensus(const char *consensus, int from_cache,
|
networkstatus_set_current_consensus(const char *consensus, int from_cache,
|
||||||
int was_waiting_for_certs)
|
int was_waiting_for_certs)
|
||||||
@ -1170,6 +1187,20 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
|
|||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (current_consensus &&
|
||||||
|
!memcmp(c->networkstatus_digest, current_consensus->networkstatus_digest,
|
||||||
|
DIGEST_LEN)) {
|
||||||
|
/* We already have this one. That's a failure. */
|
||||||
|
log_info(LD_DIR, "Got a consensus we already have");
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (current_consensus && c->valid_after <= current_consensus->valid_after) {
|
||||||
|
/* We have a newer one. */
|
||||||
|
log_info(LD_DIR, "Got a consensus at least as old as the one we have");
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
consensus_fname = get_datadir_fname("cached-consensus");
|
consensus_fname = get_datadir_fname("cached-consensus");
|
||||||
unverified_fname = get_datadir_fname("unverified-consensus");
|
unverified_fname = get_datadir_fname("unverified-consensus");
|
||||||
|
|
||||||
@ -1187,34 +1218,33 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
|
|||||||
tor_free(consensus_waiting_for_certs_body);
|
tor_free(consensus_waiting_for_certs_body);
|
||||||
consensus_waiting_for_certs = c;
|
consensus_waiting_for_certs = c;
|
||||||
consensus_waiting_for_certs_body = tor_strdup(consensus);
|
consensus_waiting_for_certs_body = tor_strdup(consensus);
|
||||||
/*XXXX020 delay next update. NMNM */
|
consensus_waiting_for_certs_set_at = now;
|
||||||
|
consensus_waiting_for_certs_dl_failed = 0;
|
||||||
if (!from_cache) {
|
if (!from_cache) {
|
||||||
write_str_to_file(unverified_fname, consensus, 0);
|
write_str_to_file(unverified_fname, consensus, 0);
|
||||||
}
|
}
|
||||||
authority_certs_fetch_missing(c, now);
|
authority_certs_fetch_missing(c, now);
|
||||||
|
/* This case is not a success or a failure until we get the certs
|
||||||
|
* or fail to get the certs. */
|
||||||
|
result = 0;
|
||||||
} else {
|
} else {
|
||||||
/* Even if we had enough signatures, we'd never use this as the
|
/* Even if we had enough signatures, we'd never use this as the
|
||||||
* latest consensus. */
|
* latest consensus. */
|
||||||
if (was_waiting_for_certs && from_cache)
|
if (was_waiting_for_certs && from_cache)
|
||||||
unlink(unverified_fname);
|
unlink(unverified_fname);
|
||||||
}
|
}
|
||||||
download_status_reset(&consensus_dl_status); /*XXXX020 not quite right.*/
|
|
||||||
result = 0;
|
|
||||||
goto done;
|
goto done;
|
||||||
} else {
|
} else {
|
||||||
/* This can never be signed enough Kill it. */
|
/* This can never be signed enough: Kill it. */
|
||||||
if (!was_waiting_for_certs)
|
if (!was_waiting_for_certs)
|
||||||
log_warn(LD_DIR, "Not enough good signatures on networkstatus "
|
log_warn(LD_DIR, "Not enough good signatures on networkstatus "
|
||||||
"consensus");
|
"consensus");
|
||||||
if (was_waiting_for_certs && from_cache)
|
if (was_waiting_for_certs && (r < -1) && from_cache)
|
||||||
unlink(unverified_fname);
|
unlink(unverified_fname);
|
||||||
networkstatus_vote_free(c);
|
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
download_status_reset(&consensus_dl_status); /*XXXX020 not quite right.*/
|
|
||||||
|
|
||||||
/* XXXX020 check dates for plausibility. Don't trust a consensus whose
|
/* XXXX020 check dates for plausibility. Don't trust a consensus whose
|
||||||
* valid-after date is very far in the future. */
|
* valid-after date is very far in the future. */
|
||||||
|
|
||||||
@ -1233,10 +1263,21 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
|
|||||||
consensus_waiting_for_certs = NULL;
|
consensus_waiting_for_certs = NULL;
|
||||||
if (consensus != consensus_waiting_for_certs_body)
|
if (consensus != consensus_waiting_for_certs_body)
|
||||||
tor_free(consensus_waiting_for_certs_body);
|
tor_free(consensus_waiting_for_certs_body);
|
||||||
|
consensus_waiting_for_certs_set_at = 0;
|
||||||
|
consensus_waiting_for_certs_dl_failed = 0;
|
||||||
unlink(unverified_fname);
|
unlink(unverified_fname);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Reset the failure count only if this consensus is actually valid. */
|
||||||
|
if (c->valid_after <= now && now <= c->valid_until) {
|
||||||
|
download_status_reset(&consensus_dl_status);
|
||||||
|
} else {
|
||||||
|
if (!from_cache)
|
||||||
|
download_status_failed(&consensus_dl_status, 0);
|
||||||
|
}
|
||||||
|
|
||||||
current_consensus = c;
|
current_consensus = c;
|
||||||
|
c = NULL; /* Prevent free. */
|
||||||
|
|
||||||
update_consensus_networkstatus_fetch_time(now);
|
update_consensus_networkstatus_fetch_time(now);
|
||||||
dirvote_recalculate_timing(get_options(), now);
|
dirvote_recalculate_timing(get_options(), now);
|
||||||
@ -1253,6 +1294,8 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
|
|||||||
|
|
||||||
result = 0;
|
result = 0;
|
||||||
done:
|
done:
|
||||||
|
if (c)
|
||||||
|
networkstatus_vote_free(c);
|
||||||
tor_free(consensus_fname);
|
tor_free(consensus_fname);
|
||||||
tor_free(unverified_fname);
|
tor_free(unverified_fname);
|
||||||
return result;
|
return result;
|
||||||
|
Loading…
Reference in New Issue
Block a user