#24815: Validate shared random state dates before each voting period -------------------------------------------------+------------------------- Reporter: teor | Owner: dgoulet Type: defect | Status: new Priority: Medium | Milestone: Tor: | 0.3.3.x-final Component: Core Tor/Tor | Version: Tor: | 0.2.9.1-alpha Severity: Normal | Resolution: Keywords: tor-sr, tor-ddos, 031-backport, | Actual Points: 032-backport | Parent ID: | Points: 1 Reviewer: | Sponsor: -------------------------------------------------+------------------------- Changes (by teor):
* status: needs_information => new * keywords: tor-sr, tor-ddos => tor-sr, tor-ddos, 031-backport, 032-backport Comment: I had a quick look. This warning: {{{ [info] disk_state_validate: SR: Disk state valid after/until times are invalid. }}} happens when: {{{ /* Make sure we don't have a valid after time that is earlier than a valid * until time which would make things not work well. */ if (state->ValidAfter >= state->ValidUntil) { log_info(LD_DIR, "SR: Disk state valid after/until times are invalid."); goto invalid; } }}} The bug is in get_state_valid_until_time(): {{{ voting_interval = get_voting_interval(); /* Find the time the current round started. */ beginning_of_current_round = get_start_time_of_current_round(); /* Find how many rounds are left till the end of the protocol run */ current_round = (now / voting_interval) % total_rounds; rounds_left = total_rounds - current_round; /* To find the valid-until time now, take the start time of the current * round and add to it the time it takes for the leftover rounds to * complete. */ valid_until = beginning_of_current_round + (rounds_left * voting_interval); }}} If rounds_left is zero, then valid_until is beginning_of_current_round. But ValidAfter is set to now in disk_state_new(), which can be after beginning_of_current_round. This is probably a backport candidate, because if all the authorities ever have to restart near the end of a SR cycle, we could lose the SR for that cycle. Fortunately, it only affects voting, so we don't have to worry about breaking consensus. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24815#comment:8> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs