commit d4794c77ada6cd6a67433e551e6876b6bc33cd30 Author: Damian Johnson <atagar@torproject.org> Date: Wed Jan 18 10:51:42 2017 -0800 Alert if shared random value is missing from the consensus Third check for https://trac.torproject.org/projects/tor/ticket/17434 --- consensus_health_checker.py | 18 ++++++++++++++++++ data/consensus_health.cfg | 2 ++ 2 files changed, 20 insertions(+) diff --git a/consensus_health_checker.py b/consensus_health_checker.py index 5deb8b1..0f633c8 100755 --- a/consensus_health_checker.py +++ b/consensus_health_checker.py @@ -325,6 +325,7 @@ def run_checks(consensuses, votes): bad_exits_in_sync, bandwidth_authorities_in_sync, is_orport_reachable, + shared_random_present, shared_random_commit_partitioning, shared_random_reveal_partitioning, ) @@ -747,6 +748,23 @@ def is_orport_reachable(latest_consensus, consensuses, votes): return issues +def shared_random_present(latest_consensus, consensuses, votes): + """ + Check that the consensus has shared randomness values necessary for hidden + services to function. + """ + + issues = [] + + if latest_consensus.shared_randomness_current_value is None: + issues.append(Issue(Runlevel.ERROR, 'CURRENT_SHARED_RANDOM_MISSING')) + + if latest_consensus.shared_randomness_previous_value is None: + issues.append(Issue(Runlevel.ERROR, 'PREVIOUS_SHARED_RANDOM_MISSING')) + + return issues + + def shared_random_commit_partitioning(latest_consensus, consensuses, votes): """ Check that each authority's commitment matches the votes from other diff --git a/data/consensus_health.cfg b/data/consensus_health.cfg index 795bd9a..be58b26 100644 --- a/data/consensus_health.cfg +++ b/data/consensus_health.cfg @@ -20,6 +20,8 @@ msg BADEXIT_OUT_OF_SYNC => Authorities disagree about the BadExit flag for {fing msg BANDWIDTH_AUTHORITIES_OUT_OF_SYNC => Bandwidth authorities have a substantially different number of measured entries: {authorities} msg AUTHORITY_UNAVAILABLE => Unable to retrieve the {fetch_type} from {authority} ({url}): {error} msg UNABLE_TO_REACH_ORPORT => Unable to reach the ORPort of {authority} ({address}, port {port}): {error} +msg CURRENT_SHARED_RANDOM_MISSING => Consensus is missing a current shared random value (shared-rand-current-value) +msg PREVIOUS_SHARED_RANDOM_MISSING => Consensus is missing a previous shared random value (shared-rand-previous-value) msg SHARED_RANDOM_COMMITMENT_MISMATCH => Shared randomness commitment {authority} reported for {their_v3ident} doesn't match their actual value ({authority}: {our_value}, theirs: {their_value}) msg SHARED_RANDOM_REVEAL_MISSING => During the reveal phase the vote from {authority} lacked a shared random value for {their_v3ident}, which should be {their_value} msg SHARED_RANDOM_REVEAL_DUPLICATED => During the reveal phase the vote from {authority} reported multiple commitments for {their_v3ident}