Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ticket27838 035 01 #438

Merged
4 commits merged into from Oct 30, 2018
Merged

Ticket27838 035 01 #438

4 commits merged into from Oct 30, 2018

Conversation

asn-d6
Copy link
Member

@asn-d6 asn-d6 commented Oct 23, 2018

No description provided.

dgoulet-tor and others added 4 commits October 22, 2018 16:34
@dgoulet-tor
hs-v3: Create desc signing key cert before uploading
81c466c 
Before this commit, we would create the descriptor signing key certificate
when first building the descriptor.

In some extreme cases, it lead to the expiry of the certificate which triggers
a BUG() when encoding the descriptor before uploading.

Ticket #27838 details a possible scenario in which this can happen. It is an
edge case where tor losts internet connectivity, notices it and closes all
circuits. When it came back up, the HS subsystem noticed that it had no
introduction circuits, created them and tried to upload the descriptor.

However, in the meantime, if tor did lack a live consensus because it is
currently seeking to download one, we would consider that we don't need to
rotate the descriptors leading to using the expired signing key certificate.

That being said, this commit does a bit more to make this process cleaner.
There are a series of things that we need to "refresh" before uploading a
descriptor: signing key cert, intro points and revision counter.

A refresh function is added to deal with all mutable descriptor fields. It in
turn simplified a bit the code surrounding the creation of the plaintext data.

We keep creating the cert when building the descriptor in order to accomodate
the unit tests. However, it is replaced every single time the descriptor is
uploaded.

Fixes #27838

Signed-off-by: David Goulet <dgoulet@torproject.org>
@asn-d6
Func rename: Make it clear that update_all_descriptors() does intro p…
29c194e 
…oints.

With the new refresh_service_descriptor() function we had both
refresh_service_descriptor() and update_service_descriptor() which is basically
the same thing.

This commit renames update_service_descriptor() to
update_service_descriptor_intro_points() to make it clear it's not a generic
refresh and it's only about intro points.

Commit changes no code.
@asn-d6
Documentation: Document which descriptor elements are (im)mutable.
df78fb2
@asn-d6
Documentation: Move the hs_service_descriptor_t elements around.
a614731 
Move the elements around to concentrate mutable and immutable elements
together. This commit changes no code, check with --color-moved.
@coveralls
Copy link

Coverage Status

Coverage increased (+0.003%) to 62.017% when pulling a614731 on asn-d6:ticket27838_035_01 into afc22ec on torproject:master.

@ghost ghost merged commit a614731 into torproject:master Oct 30, 2018
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@asn-d6 @coveralls @dgoulet-tor