commit a686464420801c5aa58bde1babbf96d3b8520b00
Author: George Kadianakis <desnac...@riseup.net>
Date: Tue Jun 12 14:29:06 2018 +0300
Recreate voting schedule before use if it's outdated.
---
src/or/voting_schedule.c | 26 +++++++++++++++++++++++++-
src/or/voting_schedule.h | 4 ++++
2 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/src/or/voting_schedule.c b/src/or/voting_schedule.c
index 1d66b5e22..d230a6dbc 100644
--- a/src/or/voting_schedule.c
+++ b/src/or/voting_schedule.c
@@ -83,6 +83,10 @@ get_voting_schedule(const or_options_t *options, time_t now,
int severity)
interval = (int)( consensus->fresh_until - consensus->valid_after );
vote_delay = consensus->vote_seconds;
dist_delay = consensus->dist_seconds;
+
+ /* Note down the consensus valid after, so that we detect outdated voting
+ * schedules in case of skewed clocks etc. */
+ new_voting_schedule->live_consensus_valid_after = consensus->valid_after;
} else {
interval = options->TestingV3AuthInitialVotingInterval;
vote_delay = options->TestingV3AuthInitialVoteDelay;
@@ -138,14 +142,34 @@ voting_schedule_t voting_schedule;
time_t
voting_schedule_get_next_valid_after_time(void)
{
+ time_t now = approx_time();
+ bool need_to_recalculate_voting_schedule = false;
+
/* This is a safe guard in order to make sure that the voting schedule
* static object is at least initialized. Using this function with a zeroed
* voting schedule can lead to bugs. */
if (tor_mem_is_zero((const char *) &voting_schedule,
sizeof(voting_schedule))) {
- voting_schedule_recalculate_timing(get_options(), time(NULL));
+ need_to_recalculate_voting_schedule = true;
+ goto done; /* no need for next check if we have to recalculate anyway */
+ }
+
+ /* Also make sure we are not using an outdated voting schedule. If we have a
+ * newer consensus, make sure we recalculate the voting schedule. */
+ const networkstatus_t *ns = networkstatus_get_live_consensus(now);
+ if (ns && ns->valid_after != voting_schedule.live_consensus_valid_after) {
+ log_info(LD_DIR, "Voting schedule is outdated: recalculating (%d/%d)",
+ (int) ns->valid_after,
+ (int) voting_schedule.live_consensus_valid_after);
+ need_to_recalculate_voting_schedule = true;
+ }
+
+ done:
+ if (need_to_recalculate_voting_schedule) {
+ voting_schedule_recalculate_timing(get_options(), now);
voting_schedule.created_on_demand = 1;
}
+
return voting_schedule.interval_starts;
}
diff --git a/src/or/voting_schedule.h b/src/or/voting_schedule.h
index 4f9d58403..087701408 100644
--- a/src/or/voting_schedule.h
+++ b/src/or/voting_schedule.h
@@ -43,6 +43,10 @@ typedef struct {
* timings only for the first vote even though this object was initilized
* prior to voting. */
int created_on_demand;
+
+ /** The valid-after time of the last live consensus that filled this voting
+ * schedule. It's used to detect outdated voting schedules. */
+ time_t live_consensus_valid_after;
} voting_schedule_t;
/* Public API. */
_______________________________________________
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
