nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

When downloading certificates, check for related failures

Browse Source 
If a consensus expires while we are waiting for certificates to download,
stop waiting for certificates.

If we stop waiting for certificates less than a minute after we started
downloading them, do not consider the certificate download failure a
separate failure.

Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.
This commit is contained in:
teor 2016-11-08 00:01:20 +11:00
parent f6a3d213e4
commit e819d420c5
No known key found for this signature in database
GPG Key ID: 450CBA7F968F094B
2 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
changes/bug20533 Normal file
View File

@ -0,0 +1,7 @@
o Minor bugfixes (consensus downloads):
- If a consensus expires while we are waiting for certificates to download,
stop waiting for certificates.
- If we stop waiting for certificates less than a minute after we started
downloading them, do not consider the certificate download failure a
separate failure.
Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.

15
src/or/networkstatus.c
View File

@ -815,9 +815,15 @@ we_want_to_fetch_flavor(const or_options_t *options, int flavor)
* fetching certs before we check whether there is a better one? */
#define DELAY_WHILE_FETCHING_CERTS (20*60)
/** What is the minimum time we need to have waited fetching certs, before we
* increment the consensus download schedule on failure? */
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60)
/* Check if a downloaded consensus flavor should still wait for certificates
* to download now.
* If so, return 1. If not, fail dls and return 0. */
* to download now. If we decide not to wait, check if enough time has passed
* to consider the certificate download failure a separate failure. If so,
* fail dls.
* If waiting for certificates to download, return 1. If not, return 0. */
static int
check_consensus_waiting_for_certs(int flavor, time_t now,
download_status_t *dls)
@ -831,11 +837,14 @@ check_consensus_waiting_for_certs(int flavor, time_t now,
waiting = &consensus_waiting_for_certs[flavor];
if (waiting->consensus) {
/* XXXX make sure this doesn't delay sane downloads. */
if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now) {
if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now &&
waiting->consensus->valid_until > now) {
return 1;
} else {
if (!waiting->dl_failed) {
if (waiting->set_at + MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE > now) {
download_status_failed(dls, 0);
}
waiting->dl_failed=1;
}
}