Possible bug 265 fix: authorities must be more strict than clients about age of acceptable routers; make routers publish every 12 hours; client ROUTER_MAX_AGE must be greater than NETWORKSTATUS_MAX_AGE+authoirty ROUTER_MAX_AGE.

svn:r6095

3 files changed, 15 insertions, 13 deletions

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 379cc85c7e..e197477231 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -457,7 +457,7 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
       "timezone is not correct.";
     return -1;
   }
-  if (ri->cache_info.published_on < now-ROUTER_MAX_AGE) {
+  if (ri->cache_info.published_on < now-ROUTER_MAX_AGE_TO_PUBLISH) {
     log_fn(severity, LD_DIRSERV,
            "Publication time for router with nickname '%s' is too far "
            "(%d minutes) in the past. Not adding (ContactInfo '%s', "
@@ -742,7 +742,7 @@ list_server_status(smartlist_t *routers, char **router_status_out)
    * equals-suffixed nickname, then a dollar-prefixed hexdigest. */
   smartlist_t *rs_entries;
   time_t now = time(NULL);
-  time_t cutoff = now - ROUTER_MAX_AGE;
+  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
   int authdir_mode = get_options()->AuthoritativeDir;
   tor_assert(router_status_out);
 
@@ -917,7 +917,7 @@ set_cached_dir(cached_dir_t *d, char *directory, time_t when)
   if (when<=d->published) {
     log_info(LD_DIRSERV, "Ignoring old directory; not caching.");
     tor_free(directory);
-  } else if (when>=now+ROUTER_MAX_AGE) {
+  } else if (when>=now+ROUTER_MAX_AGE_TO_PUBLISH) {
     log_info(LD_DIRSERV, "Ignoring future directory; not caching.");
     tor_free(directory);
   } else {
@@ -1327,7 +1327,7 @@ generate_v2_networkstatus(void)
   crypto_pk_env_t *private_key = get_identity_key();
   routerlist_t *rl = router_get_routerlist();
   time_t now = time(NULL);
-  time_t cutoff = now - ROUTER_MAX_AGE;
+  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
   int naming = options->NamingAuthoritativeDir;
   int versioning = options->VersioningAuthoritativeDir;
   const char *contact;
@@ -1593,7 +1593,7 @@ dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
     smartlist_free(digests);
   } else if (!strcmpstart(key, "/tor/server/fp/")) {
     smartlist_t *digests = smartlist_create();
-    time_t cutoff = time(NULL) - ROUTER_MAX_AGE;
+    time_t cutoff = time(NULL) - ROUTER_MAX_AGE_TO_PUBLISH;
     key += strlen("/tor/server/fp/");
     dir_split_resource_into_fingerprints(key, digests, NULL, 1);
     SMARTLIST_FOREACH(digests, const char *, d,
diff --git a/src/or/or.h b/src/or/or.h
index 5b0f576aa4..97501f1def 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -190,9 +190,14 @@
 
 /** How old do we allow a router to get before removing it
  * from the router list? In seconds. */
-#define ROUTER_MAX_AGE (60*60*24)
+#define ROUTER_MAX_AGE (60*60*48)
+/** How old can a router get before we (as a server) will no longer
+ * consider it live? In seconds. */
+#define ROUTER_MAX_AGE_TO_PUBLISH (60*60*20)
 /** How old do we let a saved descriptor get before removing it? */
-#define OLD_ROUTER_DESC_MAX_AGE (60*60*48)
+#define OLD_ROUTER_DESC_MAX_AGE (60*60*60)
+/** How old do we let a networkstatus get before ignoring it? */
+#define NETWORKSTATUS_MAX_AGE (60*60*24)
 
 typedef enum {
   CIRC_ID_TYPE_LOWER=0,
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index d2f2e8f5a3..55a9f6a736 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1967,7 +1967,7 @@ add_networkstatus_to_cache(const char *s,
 
 /** How far in the future do we allow a network-status to get before removing
  * it? (seconds) */
-#define NETWORKSTATUS_ALLOW_SKEW (48*60*60)
+#define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
 /** Given a string <b>s</b> containing a network status that we received at
  * <b>arrived_at</b> from <b>source</b>, try to parse it, see if we want to
  * store it, and put it into our cache is necessary.
@@ -2272,9 +2272,6 @@ update_networkstatus_cache_downloads(time_t now)
   }
 }
 
-/*XXXX Should these be configurable? NM*/
-/** How old (in seconds) can a network-status be before we try replacing it? */
-#define NETWORKSTATUS_MAX_VALIDITY (48*60*60)
 /** How long (in seconds) does a client wait after getting a network status
  * before downloading the next in sequence? */
 #define NETWORKSTATUS_CLIENT_DL_INTERVAL (30*60)
@@ -2301,7 +2298,7 @@ update_networkstatus_client_downloads(time_t now)
 
   /* This is a little tricky.  We want to download enough network-status
    * objects so that we have at least half of them under
-   * NETWORKSTATUS_MAX_VALIDITY publication time.  We want to download a new
+   * NETWORKSTATUS_MAX_AGE publication time.  We want to download a new
    * *one* if the most recent one's publication time is under
    * NETWORKSTATUS_CLIENT_DL_INTERVAL.
    */
@@ -2317,7 +2314,7 @@ update_networkstatus_client_downloads(time_t now)
          --n_running_dirservers;
          continue;
        }
-       if (ns->published_on > now-NETWORKSTATUS_MAX_VALIDITY)
+       if (ns->published_on > now-NETWORKSTATUS_MAX_AGE)
          ++n_live;
        if (!most_recent || ns->received_on > most_recent_received) {
          most_recent_idx = ds_sl_idx; /* magic variable from FOREACH */