If the cached networkstatus consensus is more than five days old,

discard it rather than trying to use it. In theory it could
be useful because it lists alternate directory mirrors, but in
practice it just means we spend many minutes trying directory
mirrors that are long gone from the network. Helps bug 887 a bit;
bugfix on 0.2.0.x.

svn:r17917

diff --git a/ChangeLog b/ChangeLog
index 8b64bd0a3d5be9d12890be3395a647c7d456521b..a3a180ffcfc204f22c9d6903996834f4016e53b3 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,12 @@
 Changes in version 0.2.1.10-alpha - 2009-01-??
+  o Major bugfixes:
+    - If the cached networkstatus consensus is more than five days old,
+      discard it rather than trying to use it. In theory it could
+      be useful because it lists alternate directory mirrors, but in
+      practice it just means we spend many minutes trying directory
+      mirrors that are long gone from the network. Helps bug 887 a bit;
+      bugfix on 0.2.0.x.
+
   o Minor features:
     - New controller event "clients_seen" to report a geoip-based summary
       of which countries we've seen clients from recently. Now controllers

diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index e942567403c63a7a2a43a063ea21b91365a829fd..0290832c3ab49ed5e565298603adb0825a3c5695 100644 (file)
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -211,7 +211,8 @@ router_reload_consensus_networkstatus(void)
     s = read_file_to_str(options->FallbackNetworkstatusFile,
                          RFTS_IGNORE_MISSING, NULL);
     if (s) {
-      if (networkstatus_set_current_consensus(s, flags)) {
+      if (networkstatus_set_current_consensus(s,
+                                              flags|NSSET_ACCEPT_OBSOLETE)) {
         log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
                  options->FallbackNetworkstatusFile);
       } else {
@@ -1371,6 +1372,8 @@ networkstatus_copy_old_consensus_info(networkstatus_t *new_c,
  * cache.  If flags & NSSET_WAS_WAITING_FOR_CERTS, this networkstatus was
  * already received, but we were waiting for certificates on it.  If flags &
  * NSSET_DONT_DOWNLOAD_CERTS, do not launch certificate downloads as needed.
+ * If flags & NSSET_ACCEPT_OBSOLETE, then we should be willing to take this
+ * consensus, even if it comes from many days in the past.
  *
  * Return 0 on success, <0 on failure.  On failure, caller should increment
  * the failure count as appropriate.
@@ -1388,6 +1391,7 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
   const unsigned from_cache = flags & NSSET_FROM_CACHE;
   const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
   const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
+  const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
 
   /* Make sure it's parseable. */
   c = networkstatus_parse_vote_from_string(consensus, NULL, NS_TYPE_CONSENSUS);
@@ -1397,6 +1401,15 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
     goto done;
   }
 
+  if (from_cache && !accept_obsolete &&
+      c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) {
+    /* XXX022 when we try to make fallbackconsensus work again, we should
+     * consider taking this out. Until then, believing obsolete consensuses
+     * is causing more harm than good. See also bug 887. */
+    log_info(LD_DIR, "Loaded an obsolete consensus. Discarding.");
+    goto done;
+  }
+
   if (current_consensus &&
       !memcmp(c->networkstatus_digest, current_consensus->networkstatus_digest,
               DIGEST_LEN)) {

diff --git a/src/or/or.h b/src/or/or.h
index 2d6fb3e0efacc246055c0aeb2d1885831cd323b0..765669aa2ef7ee332bfe01210a78fbc55ea2cfbf 100644 (file)
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3758,6 +3758,7 @@ networkstatus_t *networkstatus_get_reasonably_live_consensus(time_t now);
 #define NSSET_FROM_CACHE 1
 #define NSSET_WAS_WAITING_FOR_CERTS 2
 #define NSSET_DONT_DOWNLOAD_CERTS 4
+#define NSSET_ACCEPT_OBSOLETE 8
 int networkstatus_set_current_consensus(const char *consensus, unsigned flags);
 void networkstatus_note_certs_arrived(void);
 void routers_update_all_from_networkstatus(time_t now, int dir_version);