If anybody set DirFetchPostPeriod, give them StatuFetchPeriod instead. Impose minima and maxima for all *Period options; impose even tighter maxima for fetching if we are a caching dirserver. Clip rather than rejecting. arma: are these good?

svn:r3024

3 files changed, 57 insertions, 23 deletions

diff --git a/doc/TODO b/doc/TODO
index eb0df7830..b985bf974 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -15,10 +15,10 @@ N&R- bring tor-spec up to date
    o cache and serve running-routers on other nodes?
      o cache running-routers
      o download running-routers from servers running rc5-cvs or later
-N  - pump up periods for fetching things; figure out how to do this
+   o pump up periods for fetching things; figure out how to do this
      backward-compatibily, so that people who did set dirfetchpostperiod
      get the right behavior.
-     - If dirport is set, we should have a maximum dirfetchperiod and
+     o If dirport is set, we should have a maximum dirfetchperiod and
        a maximum statusfetchperiod, or else we'll serve very stale stuff.
    o Adapt version parsing code to handle new version scheme; document new
      version scheme.
diff --git a/doc/tor.1.in b/doc/tor.1.in
index 05bf835a5..c944b8e15 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -67,7 +67,7 @@ rather than connecting directly to any directory servers.
 .TP
 \fBKeepalivePeriod \fR\fINUM\fP
 To keep firewalls from expiring connections, send a padding keepalive
-cell on open connections every NUM seconds. (Default: 300)
+cell on open connections every NUM seconds. (Default: 5 minutes.)
 .TP
 \fBMaxConn \fR\fINUM\fP
 Maximum number of simultaneous sockets allowed.  You probably don't need
@@ -119,7 +119,7 @@ information about the current state of known servers.  (Default: 20 minutes.)
 \fBRendPostPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
 Every time the specified period elapses, Tor uploads any rendezvous
 service descriptors to the directory servers.  This information is also
-uploaded whenever it changes.  (Default: 10 minutes.)
+uploaded whenever it changes.  (Default: 20 minutes.)
 
 .SH CLIENT OPTIONS
 .PP
@@ -282,7 +282,7 @@ considered.
 \fBDirPostPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
 Every time the specified period elapses, Tor uploads its server
 descriptors to the directory servers.  This information is also
-uploaded whenever it changes.  (Default: 10 minutes.)
+uploaded whenever it changes.  (Default: 20 minutes.)
 .TP
 \fBAccountingMax \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
 Never send more than the specified number of bytes in a given
diff --git a/src/or/config.c b/src/or/config.c
index 18ce5d39e..8397a0dbd 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -63,7 +63,7 @@ static config_abbrev_t config_abbrevs[] = {
   { "l", "Log", 1},
   { "BandwidthRateBytes", "BandwidthRate", 0},
   { "BandwidthBurstBytes", "BandwidthBurst", 0},
-  { "DirFetchPostPeriod", "DirFetchPeriod", 0},
+  { "DirFetchPostPeriod", "StatusFetchPeriod", 0},
   { NULL, NULL , 0},
 };
 #undef PLURAL
@@ -106,9 +106,9 @@ static config_var_t config_vars[] = {
   VAR("DataDirectory",       STRING,   DataDirectory,        NULL),
   VAR("DirPort",             UINT,     DirPort,              "0"),
   VAR("DirBindAddress",      LINELIST, DirBindAddress,       NULL),
-  VAR("DirFetchPeriod",      INTERVAL, DirFetchPeriod,       "1 hour"),
-  VAR("DirPostPeriod",       INTERVAL, DirPostPeriod,        "10 minutes"),
-  VAR("RendPostPeriod",      INTERVAL, RendPostPeriod,       "10 minutes"),
+  VAR("DirFetchPeriod",      INTERVAL, DirFetchPeriod,       "1 hours"),
+  VAR("DirPostPeriod",       INTERVAL, DirPostPeriod,        "20 minutes"),
+  VAR("RendPostPeriod",      INTERVAL, RendPostPeriod,       "20 minutes"),
   VAR("DirPolicy",           LINELIST, DirPolicy,            NULL),
   VAR("DirServer",           LINELIST, DirServers,           NULL),
   VAR("ExitNodes",           STRING,   ExitNodes,            NULL),
@@ -1282,26 +1282,60 @@ options_validate(or_options_t *options)
     result = -1;
   }
 
-#define MIN_DIRFETCHPOSTPERIOD 60
-  if (options->DirFetchPeriod < MIN_DIRFETCHPOSTPERIOD) {
-    log(LOG_WARN, "DirFetchPeriod option must be at least %d.", MIN_DIRFETCHPOSTPERIOD);
-    result = -1;
+#define MIN_DIR_FETCH_PERIOD 600
+#define MIN_DIR_POST_PERIOD 300
+#define MIN_REND_POST_PERIOD 300
+#define MIN_STATUS_FETCH_PERIOD 60
+
+#define MAX_DIR_PERIOD (MIN_ONION_KEY_LIFETIME/2)
+#define MAX_CACHE_DIR_FETCH_PERIOD 3600
+#define MAX_CACHE_STATUS_FETCH_PERIOD 900
+
+  if (options->DirFetchPeriod < MIN_DIR_FETCH_PERIOD) {
+    log(LOG_WARN, "DirFetchPeriod option must be at least %d seconds. Clipping.", MIN_DIR_FETCH_PERIOD);
+    options->DirFetchPeriod = MIN_DIR_FETCH_PERIOD;
   }
-  if (options->StatusFetchPeriod < MIN_DIRFETCHPOSTPERIOD) {
-    log(LOG_WARN, "StatusFetchPeriod option must be at least %d.", MIN_DIRFETCHPOSTPERIOD);
-    result = -1;
+  if (options->StatusFetchPeriod < MIN_STATUS_FETCH_PERIOD) {
+    log(LOG_WARN, "StatusFetchPeriod option must be at least %d seconds. Clipping.", MIN_STATUS_FETCH_PERIOD);
+    options->StatusFetchPeriod = MIN_STATUS_FETCH_PERIOD;
   }
-  if (options->DirPostPeriod < MIN_DIRFETCHPOSTPERIOD) {
-    log(LOG_WARN, "DirPostPeriod option must be at least %d.", MIN_DIRFETCHPOSTPERIOD);
-    result = -1;
+  if (options->DirPostPeriod < MIN_DIR_POST_PERIOD) {
+    log(LOG_WARN, "DirPostPeriod option must be at least %d seconds. Clipping.",
+        MIN_DIR_POST_PERIOD);
+    options->DirPostPeriod = MIN_DIR_POST_PERIOD;
+  }
+  if (options->RendPostPeriod < MIN_REND_POST_PERIOD) {
+    log(LOG_WARN,"RendPostPeriod option must be at least %d seconds. Clipping.",
+        MIN_REND_POST_PERIOD);
+    options->RendPostPeriod = MIN_REND_POST_PERIOD;
   }
-  if (options->DirFetchPeriod > MIN_ONION_KEY_LIFETIME / 2) {
+
+  if (options->DirPort && ! options->AuthoritativeDir) {
+    if (options->DirFetchPeriod > MAX_CACHE_DIR_FETCH_PERIOD) {
+      log(LOG_WARN, "Caching directory servers must have DirFetchPeriod less than %d seconds. Clipping.", MAX_CACHE_DIR_FETCH_PERIOD);
+      options->DirFetchPeriod = MAX_CACHE_DIR_FETCH_PERIOD;
+    }
+    if (options->StatusFetchPeriod > MAX_CACHE_STATUS_FETCH_PERIOD) {
+      log(LOG_WARN, "Caching directory servers must have StatusFetchPeriod less than %d seconds. Clipping.", MAX_CACHE_STATUS_FETCH_PERIOD);
+      options->StatusFetchPeriod = MAX_CACHE_STATUS_FETCH_PERIOD;
+    }
+  }
+
+  if (options->DirFetchPeriod > MAX_DIR_PERIOD) {
     log(LOG_WARN, "DirFetchPeriod is too large; clipping.");
-    options->DirFetchPeriod = MIN_ONION_KEY_LIFETIME / 2;
+    options->DirFetchPeriod = MAX_DIR_PERIOD;
   }
-  if (options->DirPostPeriod > MIN_ONION_KEY_LIFETIME / 2) {
+  if (options->DirPostPeriod > MAX_DIR_PERIOD) {
     log(LOG_WARN, "DirPostPeriod is too large; clipping.");
-    options->DirPostPeriod = MIN_ONION_KEY_LIFETIME / 2;
+    options->DirPostPeriod = MAX_DIR_PERIOD;
+  }
+  if (options->StatusFetchPeriod > MAX_DIR_PERIOD) {
+    log(LOG_WARN, "StatusFetchPeriod is too large; clipping.");
+    options->StatusFetchPeriod = MAX_DIR_PERIOD;
+  }
+  if (options->RendPostPeriod > MAX_DIR_PERIOD) {
+    log(LOG_WARN, "RendPostPeriod is too large; clipping.");
+    options->RendPostPeriod = MAX_DIR_PERIOD;
   }
 
   if (options->KeepalivePeriod < 1) {