diff options
| author | Roger Dingledine <arma@torproject.org> | 2009-01-20 08:10:48 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2009-01-20 08:10:48 +0000 |
| commit | 5954698422d096788980f934c6d9183e165d2852 (patch) | |
| tree | 2d90594289feee2a71e8a0da4bf29d37201adf4b | |
| parent | 08f1406cfb0b62d35d36161b9151a5a3602222a0 (diff) | |
| download | tor-5954698422d096788980f934c6d9183e165d2852.tar.gz tor-5954698422d096788980f934c6d9183e165d2852.zip | |
backport r17917, r17993: tors that haven't run lately take 10+ minutes
to start, and when they do they still use incredibly obsolete descriptors.
svn:r18187
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | doc/TODO.020 | 2 | ||||
| -rw-r--r-- | src/or/networkstatus.c | 13 | ||||
| -rw-r--r-- | src/or/or.h | 1 | ||||
| -rw-r--r-- | src/or/routerlist.c | 6 |
5 files changed, 27 insertions, 2 deletions
@@ -22,6 +22,13 @@ Changes in version 0.2.0.33 - 2009-01-?? to anybody who asks, now that extrainfo docs include potentially sensitive aggregated client geoip summaries. Bugfix on 0.2.0.13-alpha. + - If the cached networkstatus consensus is more than five days old, + discard it rather than trying to use it. In theory it could be + useful because it lists alternate directory mirrors, but in practice + it just means we spend many minutes trying directory mirrors that + are long gone from the network. Also discard router descriptors as + we load them if they are more than five days old, since the onion + key is probably wrong by now. Bugfix on 0.2.0.x. Fixes bug 887. o Minor bugfixes: - Do not mark smartlist_bsearch_idx() function as ATTR_PURE. This bug diff --git a/doc/TODO.020 b/doc/TODO.020 index c02d4afd7c..86a84d6272 100644 --- a/doc/TODO.020 +++ b/doc/TODO.020 @@ -17,7 +17,7 @@ Backport for 0.2.0 once better tested: - r17886: Don't remove routerinfos as unlisted unless we have a consensus. - r17887: Don't accept 1.2.3 as a valid IP address. - - r17917, r17993: tors that haven't run lately take 10+ minutes to start + o r17917, r17993: tors that haven't run lately take 10+ minutes to start - r17924: Close streams when an exit hands us a local IP. Backport for 0.2.0, maybe: diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index f599c1a62f..4b722b22a5 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -211,7 +211,8 @@ router_reload_consensus_networkstatus(void) s = read_file_to_str(options->FallbackNetworkstatusFile, RFTS_IGNORE_MISSING, NULL); if (s) { - if (networkstatus_set_current_consensus(s, flags)) { + if (networkstatus_set_current_consensus(s, + flags|NSSET_ACCEPT_OBSOLETE)) { log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"", options->FallbackNetworkstatusFile); } else { @@ -1372,6 +1373,7 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags) const unsigned from_cache = flags & NSSET_FROM_CACHE; const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS; const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS); + const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE; /* Make sure it's parseable. */ c = networkstatus_parse_vote_from_string(consensus, NULL, 0); @@ -1381,6 +1383,15 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags) goto done; } + if (from_cache && !accept_obsolete && + c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) { + /* XXX022 when we try to make fallbackconsensus work again, we should + * consider taking this out. Until then, believing obsolete consensuses + * is causing more harm than good. See also bug 887. */ + log_info(LD_DIR, "Loaded an obsolete consensus. Discarding."); + goto done; + } + if (current_consensus && !memcmp(c->networkstatus_digest, current_consensus->networkstatus_digest, DIGEST_LEN)) { diff --git a/src/or/or.h b/src/or/or.h index 0e7ce9a300..c345b40ccb 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3415,6 +3415,7 @@ networkstatus_t *networkstatus_get_reasonably_live_consensus(time_t now); #define NSSET_FROM_CACHE 1 #define NSSET_WAS_WAITING_FOR_CERTS 2 #define NSSET_DONT_DOWNLOAD_CERTS 4 +#define NSSET_ACCEPT_OBSOLETE 8 int networkstatus_set_current_consensus(const char *consensus, unsigned flags); void networkstatus_note_certs_arrived(void); void routers_update_all_from_networkstatus(time_t now, int dir_version); diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 19b8b14b15..01169d2c58 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -2864,6 +2864,12 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg, } } + if (!in_consensus && from_cache && + router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) { + *msg = "Router descriptor was really old."; + return -1; + } + /* We haven't seen a router with this identity before. Add it to the end of * the list. */ routerlist_insert(routerlist, router); |