[tor-commits] [tor/master] Check onion key consensus parameters every hour.

nickm at torproject.org nickm at torproject.org
Fri Mar 17 15:18:17 UTC 2017


commit 946ccf3e4de883b98aa62666b8a5bdc3eb535447
Author: Alexander Færøy <ahf at torproject.org>
Date:   Fri Mar 17 05:27:31 2017 +0100

    Check onion key consensus parameters every hour.
    
    This patch changes the way we decide when to check for whether it's time
    to rotate and/or expiry our onion keys. Due to proposal #274 we can now
    have the keys rotate at different frequencies than before and we thus
    do the check once an hour when our Tor daemon is running in server mode.
    
    This should allow us to quickly notice if the network consensus
    parameter have changed while we are running instead of having to wait
    until the current parameters timeout value have passed.
    
    See: See: https://bugs.torproject.org/21641
---
 src/or/main.c | 11 ++++-------
 src/or/or.h   |  4 ++++
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/or/main.c b/src/or/main.c
index d24c674..f8df5d3 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1485,7 +1485,7 @@ rotate_onion_key_callback(time_t now, const or_options_t *options)
     int onion_key_lifetime = get_onion_key_lifetime();
     time_t rotation_time = get_onion_key_set_at()+onion_key_lifetime;
     if (rotation_time > now) {
-      return safe_timer_diff(now, rotation_time);
+      return ONION_KEY_CONSENSUS_CHECK_INTERVAL;
     }
 
     log_info(LD_GENERAL,"Rotating onion key.");
@@ -1496,7 +1496,7 @@ rotate_onion_key_callback(time_t now, const or_options_t *options)
     }
     if (advertised_server_mode() && !options->DisableNetwork)
       router_upload_dir_desc_to_dirservers(0);
-    return onion_key_lifetime;
+    return ONION_KEY_CONSENSUS_CHECK_INTERVAL;
   }
   return PERIODIC_EVENT_NO_UPDATE;
 }
@@ -1512,17 +1512,14 @@ check_onion_keys_expiry_time_callback(time_t now, const or_options_t *options)
   if (server_mode(options)) {
     int onion_key_grace_period = get_onion_key_grace_period();
     time_t expiry_time = get_onion_key_set_at()+onion_key_grace_period;
-
     if (expiry_time > now) {
-      return safe_timer_diff(now, expiry_time);
+      return ONION_KEY_CONSENSUS_CHECK_INTERVAL;
     }
 
     log_info(LD_GENERAL, "Expiring old onion keys.");
-
     expire_old_onion_keys();
     cpuworkers_rotate_keyinfo();
-
-    return onion_key_grace_period;
+    return ONION_KEY_CONSENSUS_CHECK_INTERVAL;
   }
 
   return PERIODIC_EVENT_NO_UPDATE;
diff --git a/src/or/or.h b/src/or/or.h
index 1c4e24e..855b234 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -164,6 +164,10 @@
 /** Default grace period for acceptance of an onion key in days. */
 #define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS (7)
 
+/** How often we should check the network consensus if it is time to rotate or
+ * expire onion keys. */
+#define ONION_KEY_CONSENSUS_CHECK_INTERVAL (60*60)
+
 /** How often do we rotate TLS contexts? */
 #define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)
 





More information about the tor-commits mailing list