diff options
| author | David Goulet <dgoulet@torproject.org> | 2017-11-08 14:36:04 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2017-11-08 14:46:49 -0500 |
| commit | fa70aabb62652aa49537a6730eb4a3a95f9219c3 (patch) | |
| tree | 9f3045fae75f961223edd39469c2f1f15fa1c26d /src/or/dirvote.c | |
| parent | 61330f40a50e304b7d7f386ab86a27292a4aa543 (diff) | |
| download | tor-fa70aabb62652aa49537a6730eb4a3a95f9219c3.tar.gz tor-fa70aabb62652aa49537a6730eb4a3a95f9219c3.zip | |
dirauth: Recalculate voting schedule at first vote
Commit e67f4441eb2646368e3e7cb1bcee403667b786f0 introduced a safeguard against
using an uninitialized voting schedule object. However, the dirvote_act() code
was looking roughly at the same thing to know if it had to compute the timings
before voting with this condition:
if (!voting_schedule.voting_starts) {
...
dirvote_recalculate_timing(options, now);
}
The sr_init() function is called very early and goes through the safeguard
thus the voting schedule is always initilized before the first vote.
That first vote is a crucial one because we need to have our voting schedule
aligned to the "now" time we are about to use for voting. Then, the schedule
is updated when we publish our consensus or/and when we set a new consensus.
From that point on, we only want to update the voting schedule through that
code flow.
This "created_on_demand" is indicating that the timings have been recalculated
on demand by another subsystem so if it is flagged, we know that we need to
ignore its values before voting.
Fixes #24186
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/or/dirvote.c')
| -rw-r--r-- | src/or/dirvote.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/or/dirvote.c b/src/or/dirvote.c index f2194ed6e6..ce82a5ef4a 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -2865,6 +2865,7 @@ dirvote_get_next_valid_after_time(void) if (tor_mem_is_zero((const char *) &voting_schedule, sizeof(voting_schedule))) { dirvote_recalculate_timing(get_options(), time(NULL)); + voting_schedule.created_on_demand = 1; } return voting_schedule.interval_starts; } @@ -2892,7 +2893,13 @@ dirvote_act(const or_options_t *options, time_t now) { if (!authdir_mode_v3(options)) return; - if (!voting_schedule.voting_starts) { + tor_assert_nonfatal(voting_schedule.voting_starts); + /* If we haven't initialized this object through this codeflow, we need to + * recalculate the timings to match our vote. The reason to do that is if we + * have a voting schedule initialized 1 minute ago, the voting timings might + * not be aligned to what we should expect with "now". This is especially + * true for TestingTorNetwork using smaller timings. */ + if (voting_schedule.created_on_demand) { char *keys = list_v3_auth_ids(); authority_cert_t *c = get_my_v3_authority_cert(); log_notice(LD_DIR, "Scheduling voting. Known authority IDs are %s. " |