authorNick Mathewson <nickm@torproject.org>2018-09-04 10:44:36 -0400
committerNick Mathewson <nickm@torproject.org>2018-09-04 10:44:36 -0400
commit94b04d6c64ec998a9117d65a156888fa3af188e5 (patch)
tree08ed94f695e8c1b9abef413a8bfee98c8be07be8
parent1c62adb65baa99c92f937318c452955306301643 (diff)
parent81f4223329a709e5138532b037a58c118b30dd7f (diff)
Merge branch 'bug24104_029_squashed'
-rw-r--r--changes/bug241044
-rw-r--r--src/feature/relay/router.c27
-rw-r--r--src/feature/stats/rephist.c4
-rw-r--r--src/feature/stats/rephist.h2
-rw-r--r--src/test/log_test_helpers.c20
-rw-r--r--src/test/log_test_helpers.h5
-rw-r--r--src/test/test_router.c130
7 files changed, 180 insertions, 12 deletions
diff --git a/changes/bug24104 b/changes/bug24104
new file mode 100644
index 0000000000..ca2a3537fa
--- /dev/null
+++ b/changes/bug24104
@@ -0,0 +1,4 @@
+ o Minor bugfix (relay statistics):
+ - Update relay descriptor on bandwidth changes only when the uptime is
+ smaller than 24h in order to reduce the efficiency of guard discovery
+ attacks. Fixes bug 24104; bugfix on 0.1.1.6-alpha.
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index ad97d534c2..b9a930dbe9 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2644,25 +2644,42 @@ mark_my_descriptor_dirty(const char *reason)
* if our previous bandwidth estimate was exactly 0. */
#define MAX_BANDWIDTH_CHANGE_FREQ (3*60*60)
+/** Maximum uptime to republish our descriptor because of large shifts in
+ * estimated bandwidth. */
+#define MAX_UPTIME_BANDWIDTH_CHANGE (24*60*60)
+
+/** By which factor bandwidth shifts have to change to be considered large. */
+#define BANDWIDTH_CHANGE_FACTOR 2
+
/** Check whether bandwidth has changed a lot since the last time we announced
- * bandwidth. If so, mark our descriptor dirty. */
+ * bandwidth while the uptime is smaller than MAX_UPTIME_BANDWIDTH_CHANGE.
+ * If so, mark our descriptor dirty. */
void
check_descriptor_bandwidth_changed(time_t now)
{
static time_t last_changed = 0;
uint64_t prev, cur;
+ const int hibernating = we_are_hibernating();
+
+ /* If the relay uptime is bigger than MAX_UPTIME_BANDWIDTH_CHANGE,
+ * the next regularly scheduled descriptor update (18h) will be enough */
+ if (get_uptime() > MAX_UPTIME_BANDWIDTH_CHANGE && !hibernating)
+ return;
+
const routerinfo_t *my_ri = router_get_my_routerinfo();
- if (!my_ri) /* make sure routerinfo exists */
+
+ if (!my_ri)
return;
prev = my_ri->bandwidthcapacity;
/* Consider ourselves to have zero bandwidth if we're hibernating or
* shutting down. */
- cur = we_are_hibernating() ? 0 : rep_hist_bandwidth_assess();
+ cur = hibernating ? 0 : rep_hist_bandwidth_assess();
+
if ((prev != cur && (!prev || !cur)) ||
- cur > prev*2 ||
- cur < prev/2) {
+ cur > (prev * BANDWIDTH_CHANGE_FACTOR) ||
+ cur < (prev / BANDWIDTH_CHANGE_FACTOR) ) {
if (last_changed+MAX_BANDWIDTH_CHANGE_FREQ < now || !prev) {
log_info(LD_GENERAL,
"Measured bandwidth has changed; rebuilding descriptor.");
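Review bot: The early return at `if (get_uptime() > MAX_UPTIME_BANDWIDTH_CHANGE && !hibernating)` skips the uptime cap whenever the relay is hibernating, but neither the comment above it nor the function's doc comment says so. That exemption is the one path on which a long-running relay can still publish a bandwidth-triggered descriptor, so it deserves a line such as `* Hibernation is exempt: a relay going dormant still republishes with zero bandwidth regardless of uptime.` (the reason is inferred from the `cur = hibernating ? 0 : ...` line, so the author should confirm the wording). The comparison is also strict, so an uptime of exactly 24h still takes the republish path, while the changes file says "smaller than 24h"; `>=` would match the stated behaviour. The body of check_descriptor_bandwidth_changed continues past the end of this hunk.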
diff --git a/src/feature/stats/rephist.c b/src/feature/stats/rephist.c
index 6bb680c5dc..e24728ca76 100644
--- a/src/feature/stats/rephist.c
+++ b/src/feature/stats/rephist.c
@@ -1216,8 +1216,8 @@ find_largest_max(bw_array_t *b)
*
* Return the smaller of these sums, divided by NUM_SECS_ROLLING_MEASURE.
*/
-int
-rep_hist_bandwidth_assess(void)
+MOCK_IMPL(int,
+rep_hist_bandwidth_assess,(void))
{
uint64_t w,r;
r = find_largest_max(read_array);
diff --git a/src/feature/stats/rephist.h b/src/feature/stats/rephist.h
index 06a5e48211..67a015a4cd 100644
--- a/src/feature/stats/rephist.h
+++ b/src/feature/stats/rephist.h
@@ -22,7 +22,7 @@ void rep_hist_make_router_pessimal(const char *id, time_t when);
void rep_hist_note_dir_bytes_read(size_t num_bytes, time_t when);
void rep_hist_note_dir_bytes_written(size_t num_bytes, time_t when);
-int rep_hist_bandwidth_assess(void);
+MOCK_DECL(int, rep_hist_bandwidth_assess, (void));
char *rep_hist_get_bandwidth_lines(void);
void rep_hist_update_state(or_state_t *state);
int rep_hist_load_state(or_state_t *state, char **err);
diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c
index 0d0f7574c3..2e91b1ecdc 100644
--- a/src/test/log_test_helpers.c
+++ b/src/test/log_test_helpers.c
@@ -158,6 +158,26 @@ mock_saved_log_has_message_containing(const char *msg)
return 0;
}
+/**
+ * Return true iff there is not a message recorded by log capture
+ * that contains <b>msg</b> as a substring.
+ */
+int
+mock_saved_log_has_message_not_containing(const char *msg)
+{
+ if (saved_logs) {
+ SMARTLIST_FOREACH(
+ saved_logs, mock_saved_log_entry_t *, m,
+ {
+ if (msg && m->generated_msg && strstr(m->generated_msg, msg))
+ return 0;
+ }
+ );
+ }
+
+ return 1;
+}
+
/** Return true iff the saved logs have any messages with <b>severity</b> */
int
mock_saved_log_has_severity(int severity)
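Review bot: mock_saved_log_has_message_not_containing() returns 1 when `saved_logs` is NULL or `msg` is NULL, so `expect_log_msg_not_containing` passes vacuously if log capture was never set up or captured nothing. The doc comment should state that, e.g. `* Also returns true when no logs have been captured or <b>msg</b> is NULL.` The loop appears to mirror mock_saved_log_has_message_containing(), of which only the tail is visible in this hunk; if the two really match, the body could be `return !mock_saved_log_has_message_containing(msg);` so the predicates cannot drift apart.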
diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h
index fc9768c125..dcd3297346 100644
--- a/src/test/log_test_helpers.h
+++ b/src/test/log_test_helpers.h
@@ -24,6 +24,7 @@ void teardown_capture_of_logs(void);
int mock_saved_log_has_message(const char *msg);
int mock_saved_log_has_message_containing(const char *msg);
+int mock_saved_log_has_message_not_containing(const char *msg);
int mock_saved_log_has_severity(int severity);
int mock_saved_log_has_entry(void);
int mock_saved_log_n_entries(void);
@@ -46,6 +47,10 @@ void mock_dump_saved_logs(void);
assert_log_predicate(mock_saved_log_has_message_containing(str), \
"expected log to contain " # str);
+#define expect_log_msg_not_containing(str) \
+ assert_log_predicate(mock_saved_log_has_message_not_containing(str), \
+ "expected log to not contain " # str);
+
#define expect_log_msg_containing_either(str1, str2) \
assert_log_predicate(mock_saved_log_has_message_containing(str1) || \
mock_saved_log_has_message_containing(str2), \
diff --git a/src/test/test_router.c b/src/test/test_router.c
index 613ec04021..6e64131fc8 100644
--- a/src/test/test_router.c
+++ b/src/test/test_router.c
@@ -9,15 +9,18 @@
#include "core/or/or.h"
#include "app/config/config.h"
+#include "core/mainloop/main.h"
+#include "feature/hibernate/hibernate.h"
+#include "feature/nodelist/routerinfo_st.h"
+#include "feature/nodelist/routerlist.h"
+#include "feature/relay/router.h"
+#include "feature/stats/rephist.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "lib/crypt_ops/crypto_ed25519.h"
-#include "feature/relay/router.h"
-#include "feature/nodelist/routerlist.h"
-
-#include "feature/nodelist/routerinfo_st.h"
/* Test suite stuff */
#include "test/test.h"
+#include "test/log_test_helpers.h"
NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void));
@@ -108,10 +111,129 @@ test_router_dump_router_to_string_no_bridge_distribution_method(void *arg)
tor_free(desc);
}
+static routerinfo_t *mock_router_get_my_routerinfo_result = NULL;
+
+static const routerinfo_t *
+mock_router_get_my_routerinfo(void)
+{
+ return mock_router_get_my_routerinfo_result;
+}
+
+static long
+mock_get_uptime_3h(void)
+{
+ return 3*60*60;
+}
+
+static long
+mock_get_uptime_1d(void)
+{
+ return 24*60*60;
+}
+
+static int
+mock_rep_hist_bandwidth_assess(void)
+{
+ return 20001;
+}
+
+static int
+mock_we_are_not_hibernating(void)
+{
+ return 0;
+}
+
+static int
+mock_we_are_hibernating(void)
+{
+ return 0;
+}
+
+static void
+test_router_check_descriptor_bandwidth_changed(void *arg)
+{
+ (void)arg;
+ routerinfo_t routerinfo;
+ memset(&routerinfo, 0, sizeof(routerinfo));
+ mock_router_get_my_routerinfo_result = NULL;
+
+ MOCK(we_are_hibernating, mock_we_are_not_hibernating);
+ MOCK(router_get_my_routerinfo, mock_router_get_my_routerinfo);
+ mock_router_get_my_routerinfo_result = &routerinfo;
+
+ /* When uptime is less than 24h, no previous bandwidth, no last_changed
+ * Uptime: 10800, last_changed: 0, Previous bw: 0, Current bw: 0 */
+ routerinfo.bandwidthcapacity = 0;
+ MOCK(get_uptime, mock_get_uptime_3h);
+ setup_full_capture_of_logs(LOG_INFO);
+ check_descriptor_bandwidth_changed(time(NULL));
+ expect_log_msg_not_containing(
+ "Measured bandwidth has changed; rebuilding descriptor.");
+ teardown_capture_of_logs();
+
+ /* When uptime is less than 24h, previous bandwidth,
+ * last_changed more than 3h ago
+ * Uptime: 10800, last_changed: 0, Previous bw: 10000, Current bw: 0 */
+ routerinfo.bandwidthcapacity = 10000;
+ setup_full_capture_of_logs(LOG_INFO);
+ check_descriptor_bandwidth_changed(time(NULL));
+ expect_log_msg_containing(
+ "Measured bandwidth has changed; rebuilding descriptor.");
+ teardown_capture_of_logs();
+
+ /* When uptime is less than 24h, previous bandwidth,
+ * last_changed more than 3h ago, and hibernating
+ * Uptime: 10800, last_changed: 0, Previous bw: 10000, Current bw: 0 */
+
+ UNMOCK(we_are_hibernating);
+ MOCK(we_are_hibernating, mock_we_are_hibernating);
+ routerinfo.bandwidthcapacity = 10000;
+ setup_full_capture_of_logs(LOG_INFO);
+ check_descriptor_bandwidth_changed(time(NULL));
+ expect_log_msg_not_containing(
+ "Measured bandwidth has changed; rebuilding descriptor.");
+ teardown_capture_of_logs();
+ UNMOCK(we_are_hibernating);
+ MOCK(we_are_hibernating, mock_we_are_not_hibernating);
+
+ /* When uptime is less than 24h, last_changed is not more than 3h ago
+ * Uptime: 10800, last_changed: x, Previous bw: 10000, Current bw: 0 */
+ setup_full_capture_of_logs(LOG_INFO);
+ check_descriptor_bandwidth_changed(time(NULL));
+ expect_log_msg_not_containing(
+ "Measured bandwidth has changed; rebuilding descriptor.");
+ teardown_capture_of_logs();
+
+ /* When uptime is less than 24h and bandwidthcapacity does not change
+ * Uptime: 10800, last_changed: x, Previous bw: 10000, Current bw: 20001 */
+ MOCK(rep_hist_bandwidth_assess, mock_rep_hist_bandwidth_assess);
+ setup_full_capture_of_logs(LOG_INFO);
+ check_descriptor_bandwidth_changed(time(NULL) + 6*60*60 + 1);
+ expect_log_msg_containing(
+ "Measured bandwidth has changed; rebuilding descriptor.");
+ UNMOCK(get_uptime);
+ UNMOCK(rep_hist_bandwidth_assess);
+ teardown_capture_of_logs();
+
+ /* When uptime is more than 24h */
+ MOCK(get_uptime, mock_get_uptime_1d);
+ setup_full_capture_of_logs(LOG_INFO);
+ check_descriptor_bandwidth_changed(time(NULL));
+ expect_log_msg_not_containing(
+ "Measured bandwidth has changed; rebuilding descriptor.");
+ teardown_capture_of_logs();
+
+ done:
+ UNMOCK(get_uptime);
+ UNMOCK(router_get_my_routerinfo);
+ UNMOCK(we_are_hibernating);
+}
+
#define ROUTER_TEST(name, flags) \
{ #name, test_router_ ## name, flags, NULL, NULL }
struct testcase_t router_tests[] = {
+ ROUTER_TEST(check_descriptor_bandwidth_changed, TT_FORK),
ROUTER_TEST(dump_router_to_string_no_bridge_distribution_method, TT_FORK),
END_OF_TESTCASES
};
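Review bot: Two cases in test_router_check_descriptor_bandwidth_changed do not exercise the branch they name. `mock_we_are_hibernating` returns 0, the same as `mock_we_are_not_hibernating`, so the "and hibernating" case runs with hibernation off; it should `return 1;`. `mock_get_uptime_1d` returns exactly `24*60*60`, which does not satisfy the strict `get_uptime() > MAX_UPTIME_BANDWIDTH_CHANGE` check in router.c, so the final "more than 24h" case appears to pass only because of the `last_changed` rate limit left over from the previous call. Returning `24*60*60 + 1` and calling with a `now` beyond that window would make the expectation depend on the uptime guard itself. The comment on the 20001 case also says bandwidthcapacity "does not change" while the assertion expects a rebuild.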