aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-01-07 19:15:34 +0000
committerNick Mathewson <nickm@torproject.org>2008-01-07 19:15:34 +0000
commit177d5102d5766827649f889280f4c6c15335bc36 (patch)
treed493cfbef6bb59c9ec6b48097f014cca056f9e75
parenta62ab48d30bc26ba761752269d0129fe159d477f (diff)
downloadtor-177d5102d5766827649f889280f4c6c15335bc36.tar.gz
tor-177d5102d5766827649f889280f4c6c15335bc36.zip
r17503@catbus: nickm | 2008-01-07 14:15:30 -0500
Change set_current_consensus interface to take a flags variable. Do not try to fetch certificates until after we have tried loading the fallback consensus. Should fix bug 583. svn:r13058
-rw-r--r--ChangeLog2
-rw-r--r--src/or/directory.c2
-rw-r--r--src/or/dirvote.c2
-rw-r--r--src/or/networkstatus.c26
-rw-r--r--src/or/or.h6
5 files changed, 26 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index 9bf99d1514..24faf118ef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,8 @@ Changes in version 0.2.0.16-alpha - 2008-01-??
anymore, and we try to upload a hidden service descriptor.
- Stop leaking one cert per TLS context. Fixes bug 582. Bugfix
on 0.2.0.15-alpha.
+ - Do not try to download missing certificates until we have tried
+ to check our fallback consensus. Fixes bug 583.
o Minor features (controller):
- Get NS events working again. (Patch from tup)
diff --git a/src/or/directory.c b/src/or/directory.c
index c4c491f43f..fbe8bdaaf3 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1483,7 +1483,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
}
log_info(LD_DIR,"Received consensus directory (size %d) from server "
"'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
- if ((r=networkstatus_set_current_consensus(body, 0, 0))<0) {
+ if ((r=networkstatus_set_current_consensus(body, 0))<0) {
log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
"Unable to load consensus directory downloaded from "
"server '%s:%d'", conn->_base.address, conn->_base.port);
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 7201af804a..7a8f1adcb5 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -1850,7 +1850,7 @@ dirvote_publish_consensus(void)
return -1;
}
- if (networkstatus_set_current_consensus(pending_consensus_body, 0, 0))
+ if (networkstatus_set_current_consensus(pending_consensus_body, 0))
log_warn(LD_DIR, "Error publishing consensus");
else
log_notice(LD_DIR, "Consensus published.");
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index 99288ea530..a3a16a9dfd 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -163,13 +163,14 @@ router_reload_consensus_networkstatus(void)
char *s;
struct stat st;
or_options_t *options = get_options();
+ const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
/* XXXX020 Suppress warnings if cached consensus is bad. */
filename = get_datadir_fname("cached-consensus");
s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
if (s) {
- if (networkstatus_set_current_consensus(s, 1, 0)) {
+ if (networkstatus_set_current_consensus(s, flags)) {
log_warn(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
filename);
}
@@ -180,7 +181,8 @@ router_reload_consensus_networkstatus(void)
filename = get_datadir_fname("unverified-consensus");
s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
if (s) {
- if (networkstatus_set_current_consensus(s, 1, 1)) {
+ if (networkstatus_set_current_consensus(s,
+ flags|NSSET_WAS_WAITING_FOR_CERTS)) {
log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
filename);
}
@@ -194,7 +196,7 @@ router_reload_consensus_networkstatus(void)
s = read_file_to_str(options->FallbackNetworkstatusFile,
RFTS_IGNORE_MISSING, NULL);
if (s) {
- if (networkstatus_set_current_consensus(s, 1, 1)) {
+ if (networkstatus_set_current_consensus(s, flags)) {
log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
options->FallbackNetworkstatusFile);
} else {
@@ -212,6 +214,8 @@ router_reload_consensus_networkstatus(void)
unnamed_server_map = strmap_new();
}
+ update_certificate_downloads(time(NULL));
+
routers_update_all_from_networkstatus(time(NULL), 3);
return 0;
@@ -1323,13 +1327,17 @@ networkstatus_copy_old_consensus_info(networkstatus_vote_t *new_c,
* user, and -2 for more serious problems.
*/
int
-networkstatus_set_current_consensus(const char *consensus, int from_cache,
- int was_waiting_for_certs)
+networkstatus_set_current_consensus(const char *consensus, unsigned flags)
+
+
{
networkstatus_vote_t *c;
int r, result = -1;
time_t now = time(NULL);
char *unverified_fname = NULL, *consensus_fname = NULL;
+ const unsigned from_cache = flags & NSSET_FROM_CACHE;
+ const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
+ const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
/* Make sure it's parseable. */
c = networkstatus_parse_vote_from_string(consensus, NULL, 0);
@@ -1380,7 +1388,8 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
if (!from_cache) {
write_str_to_file(unverified_fname, consensus, 0);
}
- authority_certs_fetch_missing(c, now);
+ if (dl_certs)
+ authority_certs_fetch_missing(c, now);
/* This case is not a success or a failure until we get the certs
* or fail to get the certs. */
result = 0;
@@ -1405,7 +1414,7 @@ networkstatus_set_current_consensus(const char *consensus, int from_cache,
}
/* Are we missing any certificates at all? */
- if (r != 1)
+ if (r != 1 && dl_certs)
authority_certs_fetch_missing(c, now);
if (control_event_is_interesting(EVENT_NS))
@@ -1486,7 +1495,8 @@ networkstatus_note_certs_arrived(void)
if (networkstatus_check_consensus_signature(
consensus_waiting_for_certs, 0)>=0) {
if (!networkstatus_set_current_consensus(
- consensus_waiting_for_certs_body, 0, 1)) {
+ consensus_waiting_for_certs_body,
+ NSSET_WAS_WAITING_FOR_CERTS)) {
tor_free(consensus_waiting_for_certs_body);
}
}
diff --git a/src/or/or.h b/src/or/or.h
index dcb89bb54a..f00934cdb5 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3366,8 +3366,10 @@ networkstatus_v2_t *networkstatus_v2_get_by_digest(const char *digest);
networkstatus_vote_t *networkstatus_get_latest_consensus(void);
networkstatus_vote_t *networkstatus_get_live_consensus(time_t now);
networkstatus_vote_t *networkstatus_get_reasonably_live_consensus(time_t now);
-int networkstatus_set_current_consensus(const char *consensus, int from_cache,
- int was_waiting_for_certs);
+#define NSSET_FROM_CACHE 1
+#define NSSET_WAS_WAITING_FOR_CERTS 2
+#define NSSET_DONT_DOWNLOAD_CERTS 4
+int networkstatus_set_current_consensus(const char *consensus, unsigned flags);
void networkstatus_note_certs_arrived(void);
void routers_update_all_from_networkstatus(time_t now, int dir_version);
void routerstatus_list_update_from_consensus_networkstatus(time_t now);