[tor-bugs] #5595 [Tor]: Some relays tried to refetch maatuska's new certificate repeatedly

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu May 9 16:02:33 UTC 2013


#5595: Some relays tried to refetch maatuska's new certificate repeatedly
------------------------------------+---------------------------------------
 Reporter:  rransom                 |          Owner:  andrea            
     Type:  defect                  |         Status:  needs_revision    
 Priority:  critical                |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor                     |        Version:                    
 Keywords:  tor-relay 023-backport  |         Parent:                    
   Points:                          |   Actualpoints:                    
------------------------------------+---------------------------------------
Changes (by nickm):

  * status:  needs_review => needs_revision


Comment:

 Looks good! Here's what I saw while reading it.

 I'd like to request basic unit tests on the fp_pair_t map code.

 fp_pair_map_{set,get}_by_digests could save some duplicated code by being
 a wrapper on fp_pair_map_{set,get}.

 Should we still be calling "authority_cert_dl_failed" from
 trusted_dirs_load_certs_from_string?   Even if so, I 'm not sure the
 comment in front of that point starting with "a duplicate on a download"
 any more.

 Should the log_warn in authority_cert_dl_failed be LD_BUG?

 Does authority_cert_dl_looks_uncertain need a variant that looks at id/sk
 failures? Or should it look at the number of id/sk failures itself?

 When constructing the fp_pair string, I would be much more comfortable
 with something tor_asprintf()-based.   I don't believe there are any bugs
 in what you have now, but I want to get us out of the habit of doing
 string construction like this.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5595#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list