[tor-bugs] #11454 [Tor]: If two auth certs are both old but were generated nearby in time, we keep both

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jan 29 02:17:13 UTC 2015 

#11454: If two auth certs are both old but were generated nearby in time, we keep
both
------------------------+----------------------------------------
     Reporter:  arma    |      Owner:
         Type:  defect  |     Status:  needs_review
     Priority:  normal  |  Milestone:  Tor: 0.2.6.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  026-triaged-1, nickm-patch
Actual Points:          |  Parent ID:
       Points:          |
------------------------+----------------------------------------

Comment (by sysrqb):

 Relatively quick review. The rewrite seems to solve this and #11457.

 Thoughts:
 - if the first cert in the list is very expired and all subsequent certs
 are from the future, we don't remove it until we reach the future.
 - I think similar scenario to #11457, where one cert is created then soon
 after another is created, after two days all tors will discard the
 original cert. if the authority then starts reusing the original, everyone
 will re-request it every hour? This is much less bad than #11457, but it's
 a side-effect of discarding unexpired, superseded certs.
 - should we remember the signing key digest of the certs we download, and
 not discard superseded certs which we redownload often?
 - I wonder what other weird edge cases exist.

 Minor consmetic changes

 {{{
 diff --git a/src/or/routerlist.c b/src/or/routerlist.c
 index 7112282..83d1c69 100644
 --- a/src/or/routerlist.c
 +++ b/src/or/routerlist.c
 @@ -498,7 +498,7 @@ trusted_dirs_remove_old_certs(void)
           * Remove it. */
          should_remove = 1;
        } else if (next_cert_published + SUPERSEDED_CERT_LIFETIME < now) {
 -        /* Certificate has been superseded for OLD_CERT_LIFETIME.
 +        /* Certificate has been superseded for SUPERSEDED_CERT_LIFETIME.
           * Remove it.
           */
          should_remove = 1;
 @@ -512,7 +512,7 @@ trusted_dirs_remove_old_certs(void)

    } DIGESTMAP_FOREACH_END;
  #undef DEAD_CERT_LIFETIME
 -#undef OLD_CERT_LIFETIME
 +#undef SUPERSEDED_CERT_LIFETIME

    trusted_dirs_flush_certs_to_disk();
  }
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11454#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list