aboutsummaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2017-11-08 14:36:04 -0500
committerDavid Goulet <dgoulet@torproject.org>2017-11-08 14:46:49 -0500
commitfa70aabb62652aa49537a6730eb4a3a95f9219c3 (patch)
tree9f3045fae75f961223edd39469c2f1f15fa1c26d /src/or
parent61330f40a50e304b7d7f386ab86a27292a4aa543 (diff)
downloadtor-fa70aabb62652aa49537a6730eb4a3a95f9219c3.tar.gz
tor-fa70aabb62652aa49537a6730eb4a3a95f9219c3.zip
dirauth: Recalculate voting schedule at first vote
Commit e67f4441eb2646368e3e7cb1bcee403667b786f0 introduced a safeguard against using an uninitialized voting schedule object. However, the dirvote_act() code was looking roughly at the same thing to know if it had to compute the timings before voting with this condition: if (!voting_schedule.voting_starts) { ... dirvote_recalculate_timing(options, now); } The sr_init() function is called very early and goes through the safeguard thus the voting schedule is always initilized before the first vote. That first vote is a crucial one because we need to have our voting schedule aligned to the "now" time we are about to use for voting. Then, the schedule is updated when we publish our consensus or/and when we set a new consensus. From that point on, we only want to update the voting schedule through that code flow. This "created_on_demand" is indicating that the timings have been recalculated on demand by another subsystem so if it is flagged, we know that we need to ignore its values before voting. Fixes #24186 Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/or')
-rw-r--r--src/or/dirvote.c9
-rw-r--r--src/or/dirvote.h7
2 files changed, 15 insertions, 1 deletions
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index f2194ed6e6..ce82a5ef4a 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -2865,6 +2865,7 @@ dirvote_get_next_valid_after_time(void)
if (tor_mem_is_zero((const char *) &voting_schedule,
sizeof(voting_schedule))) {
dirvote_recalculate_timing(get_options(), time(NULL));
+ voting_schedule.created_on_demand = 1;
}
return voting_schedule.interval_starts;
}
@@ -2892,7 +2893,13 @@ dirvote_act(const or_options_t *options, time_t now)
{
if (!authdir_mode_v3(options))
return;
- if (!voting_schedule.voting_starts) {
+ tor_assert_nonfatal(voting_schedule.voting_starts);
+ /* If we haven't initialized this object through this codeflow, we need to
+ * recalculate the timings to match our vote. The reason to do that is if we
+ * have a voting schedule initialized 1 minute ago, the voting timings might
+ * not be aligned to what we should expect with "now". This is especially
+ * true for TestingTorNetwork using smaller timings. */
+ if (voting_schedule.created_on_demand) {
char *keys = list_v3_auth_ids();
authority_cert_t *c = get_my_v3_authority_cert();
log_notice(LD_DIR, "Scheduling voting. Known authority IDs are %s. "
diff --git a/src/or/dirvote.h b/src/or/dirvote.h
index f8eb52de81..72a35fea6d 100644
--- a/src/or/dirvote.h
+++ b/src/or/dirvote.h
@@ -168,6 +168,13 @@ typedef struct {
int have_fetched_missing_signatures;
/* True iff we have published our consensus. */
int have_published_consensus;
+
+ /* True iff this voting schedule was set on demand meaning not through the
+ * normal vote operation of a dirauth or when a consensus is set. This only
+ * applies to a directory authority that needs to recalculate the voting
+ * timings only for the first vote even though this object was initilized
+ * prior to voting. */
+ int created_on_demand;
} voting_schedule_t;
void dirvote_get_preferred_voting_intervals(vote_timing_t *timing_out);