[tor-commits] [doctor/master] Check for clock skew

atagar at torproject.org atagar at torproject.org
Fri Apr 13 19:53:49 UTC 2018 

commit 5399092235e6d1f74841347b01adddaf9df63d3a
Author: Damian Johnson <atagar at torproject.org>
Date:   Fri Apr 13 12:52:35 2018 -0700

    Check for clock skew
    
    Roger had the great suggestion that we should check for clock skew...
    
      https://trac.torproject.org/projects/tor/ticket/25768
    
    Expanded stem a bit along with this to surface response headers.
---
 consensus_health_checker.py | 13 ++++++++++---
 data/consensus_health.cfg   |  1 +
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/consensus_health_checker.py b/consensus_health_checker.py
index 48c1224..981c4a6 100755
--- a/consensus_health_checker.py
+++ b/consensus_health_checker.py
@@ -927,7 +927,7 @@ def get_votes():
 
 
 def _get_documents(label, resource):
-  documents, times_taken, issues = {}, {}, []
+  documents, times_taken, clock_skew, issues = {}, {}, {}, []
 
   for authority in DIRECTORY_AUTHORITIES.values():
     if authority.v3ident is None:
@@ -940,9 +940,12 @@ def _get_documents(label, resource):
     )
 
     try:
-      start_time = time.time()
+      start_time = datetime.datetime.utcnow()
       documents[authority.nickname] = query.run()[0]
-      times_taken[authority.nickname] = time.time() - start_time
+      response_timestamp = datetime.datetime.strptime(query.reply_headers.get('date'), '%a, %d %b %Y %H:%M:%S %Z')
+
+      times_taken[authority.nickname] = (datetime.datetime.utcnow() - start_time).total_seconds()
+      clock_skew[authority.nickname] = abs((start_time - response_timestamp).total_seconds())
     except Exception as exc:
       issues.append(Issue(Runlevel.ERROR, 'AUTHORITY_UNAVAILABLE', fetch_type = label, authority = authority.nickname, url = query.download_url, error = exc, to = [authority.nickname]))
 
@@ -954,6 +957,10 @@ def _get_documents(label, resource):
       if time_taken > median_time * 5:
         issues.append(Issue(Runlevel.NOTICE, 'LATENCY', authority = nickname, time_taken = '%0.1fs' % time_taken, median_time = '%0.1fs' % median_time, authority_times = authority_times, to = [nickname]))
 
+    for nickname, difference in clock_skew.items():
+      if difference > 10:
+        issues.append(Issue(Runlevel.NOTICE, 'CLOCK_SKEW', authority = nickname, difference = difference, to = [nickname]))
+
   return documents, issues
 
 
diff --git a/data/consensus_health.cfg b/data/consensus_health.cfg
index 39aa2e5..994b361 100644
--- a/data/consensus_health.cfg
+++ b/data/consensus_health.cfg
@@ -1,6 +1,7 @@
 # message templates for notifications we send
 
 msg LATENCY => Downloading the consensus from {authority} took {time_taken}. Median download time is {median_time}: {authority_times}
+msg CLOCK_SKEW => The system clock of {authority} is {difference} seconds off
 msg MISSING_LATEST_CONSENSUS => The consensuses published by the following directory authorities are more than one hour old and therefore not fresh anymore: {authorities}
 msg MISSING_AUTHORITY_DESC => {authority} is missing the server descriptor of {peer}
 msg CONSENSUS_METHOD_UNSUPPORTED => The following directory authorities do not support the consensus method that the consensus uses: {authorities}

More information about the tor-commits mailing list