Bug 691 fix: do not shutdown Tor servers right away if the network is down.

svn:r17566
author: Nick Mathewson <nickm@torproject.org> 2008-12-10 20:45:31 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-12-10 20:45:31 +0000
commit: 9aa706e20c3ae91f6cac95964e291076b88ecd48 (patch)
tree: aa50df5ac10c25413d7321fba023fe2f4ade3360
parent: 355369a27a86942b34010392167ec9d284e294e4 (diff)
download: tor-9aa706e20c3ae91f6cac95964e291076b88ecd48.tar.gz
tor-9aa706e20c3ae91f6cac95964e291076b88ecd48.zip
6 files changed, 59 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index 640cf20223..eca662b4c5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,10 @@ Changes in version 0.2.1.9-alpha - 200?-??-??
     - When a directory authority gives us a new guess for our IP address,
       log which authority we used. Hopefully this will help us debug
       the recent complaints about bad IP address guesses.
+    - When we can't initialize DNS because the network is down, do not
+      automatically stop Tor from starting.  Instead, we retry failed
+      dns_inits() every 10 minutes, and change the exit policy to reject *:*
+      until one succeeds.  Fixes bug 691.
 
   o Minor features (controller):
     - New CONSENSUS_ARRIVED event to note when a new consensus has
@@ -23,7 +27,7 @@ Changes in version 0.2.1.9-alpha - 200?-??-??
   o Minor bugfixes (hidden services):
     - Do not throw away existing introduction points on SIGHUP; do not
       stall hidden services because of introduction points thrown away.
-      Patch by Karsten.  Fixes bug 874.
+      Patch by Karsten.  Fixes bug 874ma.
 
 
 Changes in version 0.2.1.8-alpha - 2008-12-08
diff --git a/src/or/config.c b/src/or/config.c
index cf5cf2bd4c..2ed610c337 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -290,7 +290,7 @@ static config_var_t _option_vars[] = {
   V(RunTesting,                  BOOL,     "0"),
   V(SafeLogging,                 BOOL,     "1"),
   V(SafeSocks,                   BOOL,     "0"),
-  V(ServerDNSAllowBrokenResolvConf, BOOL,  "0"),
+  V(ServerDNSAllowBrokenResolvConf, BOOL,  "1"),
   V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
   V(ServerDNSDetectHijacking,    BOOL,     "1"),
   V(ServerDNSRandomizeCase,      BOOL,     "1"),
diff --git a/src/or/dns.c b/src/or/dns.c
index 03dc85f421..2b6ea88482 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -33,6 +33,8 @@ const char dns_c_id[] =
 
 /** Have we currently configured nameservers with eventdns? */
 static int nameservers_configured = 0;
+/** Did our most recent attempt to configure nameservers with eventdns fail? */
+static int nameserver_config_failed = 0;
 /** What was the resolv_conf fname we last used when configuring the
  * nameservers? Used to check whether we need to reconfigure. */
 static char *resolv_conf_fname = NULL;
@@ -220,12 +222,20 @@ dns_reset(void)
     tor_free(resolv_conf_fname);
     resolv_conf_mtime = 0;
   } else {
-    if (configure_nameservers(0) < 0)
+    if (configure_nameservers(0) < 0) {
       return -1;
+    }
   }
   return 0;
 }
 
+/**DOCDOC*/
+int
+has_dns_init_failed(void)
+{
+  return nameserver_config_failed;
+}
+
 /** Helper: Given a TTL from a DNS response, determine what TTL to give the
  * OP that asked us to resolve it. */
 uint32_t
@@ -1109,10 +1119,11 @@ evdns_err_is_transient(int err)
 }
 
 /** Configure eventdns nameservers if force is true, or if the configuration
- * has changed since the last time we called this function.  On Unix, this
- * reads from options->ServerDNSResolvConfFile or /etc/resolv.conf; on
- * Windows, this reads from options->ServerDNSResolvConfFile or the registry.
- * Return 0 on success or -1 on failure. */
+ * has changed since the last time we called this function, or if we failed on
+ * our last attempt.  On Unix, this reads from /etc/resolv.conf or
+ * options->ServerDNSResolvConfFile; on Windows, this reads from
+ * options->ServerDNSResolvConfFile or the registry.  Return 0 on success or
+ * -1 on failure. */
 static int
 configure_nameservers(int force)
 {
@@ -1132,7 +1143,7 @@ configure_nameservers(int force)
     if (stat(conf_fname, &st)) {
       log_warn(LD_EXIT, "Unable to stat resolver configuration in '%s': %s",
                conf_fname, strerror(errno));
-      return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
+      goto err;
     }
     if (!force && resolv_conf_fname && !strcmp(conf_fname,resolv_conf_fname)
         && st.st_mtime == resolv_conf_mtime) {
@@ -1147,11 +1158,11 @@ configure_nameservers(int force)
     if ((r = evdns_resolv_conf_parse(DNS_OPTIONS_ALL, conf_fname))) {
       log_warn(LD_EXIT, "Unable to parse '%s', or no nameservers in '%s' (%d)",
                conf_fname, conf_fname, r);
-      return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
+      goto err;
     }
     if (evdns_count_nameservers() == 0) {
       log_warn(LD_EXIT, "Unable to find any nameservers in '%s'.", conf_fname);
-      return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
+      goto err;
     }
     tor_free(resolv_conf_fname);
     resolv_conf_fname = tor_strdup(conf_fname);
@@ -1167,13 +1178,12 @@ configure_nameservers(int force)
     }
     if (evdns_config_windows_nameservers())  {
       log_warn(LD_EXIT,"Could not config nameservers.");
-      return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
+      goto err;
     }
     if (evdns_count_nameservers() == 0) {
       log_warn(LD_EXIT, "Unable to find any platform nameservers in "
-               "your Windows configuration.  Perhaps you should list a "
-               "ServerDNSResolvConfFile file in your torrc?");
-      return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
+               "your Windows configuration.");
+      goto err;
     }
     if (nameservers_configured)
       evdns_resume();
@@ -1193,7 +1203,18 @@ configure_nameservers(int force)
   dns_servers_relaunch_checks();
 
   nameservers_configured = 1;
+  if (nameserver_config_failed) {
+    nameserver_config_failed = 0;
+    mark_my_descriptor_dirty();
+  }
   return 0;
+ err:
+  nameservers_configured = 0;
+  if (! nameserver_config_failed) {
+    nameserver_config_failed = 1;
+    mark_my_descriptor_dirty();
+  }
+  return -1;
 }
 
 /** For eventdns: Called when we get an answer for a request we launched.
@@ -1284,8 +1305,9 @@ launch_resolve(edge_connection_t *exitconn)
   if (!nameservers_configured) {
     log_warn(LD_EXIT, "(Harmless.) Nameservers not configured, but resolve "
              "launched.  Configuring.");
-    if (configure_nameservers(1) < 0)
+    if (configure_nameservers(1) < 0) {
       return -1;
+    }
   }
 
   r = parse_inaddr_arpa_address(exitconn->_base.address, &in);
diff --git a/src/or/main.c b/src/or/main.c
index d68588db90..7872229f42 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -839,6 +839,7 @@ run_scheduled_events(time_t now)
   static time_t time_to_recheck_bandwidth = 0;
   static time_t time_to_check_for_expired_networkstatus = 0;
   static time_t time_to_dump_geoip_stats = 0;
+  static time_t time_to_retry_dns_init = 0;
   or_options_t *options = get_options();
   int i;
   int have_dir_info;
@@ -981,6 +982,14 @@ run_scheduled_events(time_t now)
     time_to_clean_caches = now + CLEAN_CACHES_INTERVAL;
   }
 
+#define RETRY_DNS_INTERVAL (10*60)
+  /* If we're a server and initializing dns failed, retry periodically. */
+  if (time_to_retry_dns_init < now) {
+    time_to_retry_dns_init = now + RETRY_DNS_INTERVAL;
+    if (server_mode(options) && has_dns_init_failed())
+      dns_init();
+  }
+
   /** 2. Periodically, we consider force-uploading our descriptor
    * (if we've passed our internal checks). */
 
@@ -1367,8 +1376,13 @@ do_main_loop(void)
 
   /* initialize dns resolve map, spawn workers if needed */
   if (dns_init() < 0) {
-    log_err(LD_GENERAL,"Error initializing dns subsystem; exiting");
-    return -1;
+    if (get_options()->ServerDNSAllowBrokenResolvConf)
+      log_warn(LD_GENERAL, "Couldn't set up any working nameservers. "
+               "Network not up yet?  Will try again soon.");
+    else {
+      log_err(LD_GENERAL,"Error initializing dns subsystem; exiting.  To "
+              "retry instead, set the ServerDNSAllowBrokenResolvConf option.");
+    }
   }
 
   handle_signals(1);
diff --git a/src/or/or.h b/src/or/or.h
index f58ea809f1..ac384421a9 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3456,6 +3456,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_key,
 /********************************* dns.c ***************************/
 
 int dns_init(void);
+int has_dns_init_failed(void);
 void dns_free_all(void);
 uint32_t dns_clip_ttl(uint32_t ttl);
 int dns_reset(void);
diff --git a/src/or/router.c b/src/or/router.c
index 6b4dbb8304..7d215b3d7b 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1733,7 +1733,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
   }
 
   /* Write the exit policy to the end of 's'. */
-  if (dns_seems_to_be_broken() ||
+  if (dns_seems_to_be_broken() || has_dns_init_failed() ||
       !router->exit_policy || !smartlist_len(router->exit_policy)) {
     /* DNS is screwed up; don't claim to be an exit. */
     strlcat(s+written, "reject *:*\n", maxlen-written);
author	Nick Mathewson <nickm@torproject.org>	2008-12-10 20:45:31 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-12-10 20:45:31 +0000
commit	9aa706e20c3ae91f6cac95964e291076b88ecd48 (patch)
tree	aa50df5ac10c25413d7321fba023fe2f4ade3360
parent	355369a27a86942b34010392167ec9d284e294e4 (diff)
download	tor-9aa706e20c3ae91f6cac95964e291076b88ecd48.tar.gz tor-9aa706e20c3ae91f6cac95964e291076b88ecd48.zip