diff options
| author | Roger Dingledine <arma@torproject.org> | 2022-10-25 03:00:03 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2022-10-25 04:19:37 -0400 |
| commit | c56980f5e5fc22c9feace1dc3b6192fbd9f1ebdb (patch) | |
| tree | bf1aecc8da03a7a73d4b48042dcf4a118d865f66 /src/feature/nodelist | |
| parent | 2033cc7b5ede662dbee1b0de1850fad731ba491a (diff) | |
| download | tor-c56980f5e5fc22c9feace1dc3b6192fbd9f1ebdb.tar.gz tor-c56980f5e5fc22c9feace1dc3b6192fbd9f1ebdb.zip | |
use consensus ip:port for dir auths if different
Directory authorities and relays now interact properly with directory
authorities if they change addresses. In the past, they would continue
to upload votes, signatures, descriptors, etc to the hard-coded address
in the configuration. Now, if the directory authority is listed in
the consensus at a different address, they will direct queries to this
new address.
Specifically, these three activities have changed:
* Posting a vote, a signature, or a relay descriptor to all the dir auths.
* Dir auths fetching missing votes or signatures from all the dir auths.
* Dir auths fetching new descriptors from a specific dir auth when they
just learned about them from that dir auth's vote.
We already do this desired behavior (prefer the address in the consensus,
but fall back to the hard-coded dirservers info if needed) when fetching
missing certs.
There is a fifth case, in router_pick_trusteddirserver(), where clients
and relays are trying to reach a random dir auth to fetch something. I
left that case alone for now because the interaction with fallbackdirs
is complicated.
Implements ticket 40705.
Diffstat (limited to 'src/feature/nodelist')
| -rw-r--r-- | src/feature/nodelist/routerlist.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/feature/nodelist/routerlist.c b/src/feature/nodelist/routerlist.c index 8bcc42bc3f..9f0f845126 100644 --- a/src/feature/nodelist/routerlist.c +++ b/src/feature/nodelist/routerlist.c @@ -2651,7 +2651,7 @@ update_consensus_router_descriptor_downloads(time_t now, int is_vote, digestmap_t *map = NULL; smartlist_t *no_longer_old = smartlist_new(); smartlist_t *downloadable = smartlist_new(); - routerstatus_t *source = NULL; + const routerstatus_t *source = NULL; int authdir = authdir_mode(options); int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0, n_inprogress=0, n_in_oldrouters=0; @@ -2667,10 +2667,17 @@ update_consensus_router_descriptor_downloads(time_t now, int is_vote, networkstatus_voter_info_t *voter = smartlist_get(consensus->voters, 0); tor_assert(voter); ds = trusteddirserver_get_by_v3_auth_digest(voter->identity_digest); - if (ds) - source = &(ds->fake_status); - else + if (ds) { + source = router_get_consensus_status_by_id(ds->digest); + if (!source) { + /* prefer to use the address in the consensus, but fall back to + * the hard-coded trusted_dir_server address if we don't have a + * consensus or this digest isn't in our consensus. */ + source = &ds->fake_status; + } + } else { log_warn(LD_DIR, "couldn't lookup source from vote?"); + } } map = digestmap_new(); |