Complicate the rules on WARN vs INFO in consensus verification

It's normal when bootstrapping to have a lot of different certs missing, so we don't want missing certs to make us warn... unless the certs we're missing are ones that we've tried to fetch a couple of times and failed at. May fix bug 1145.
author: Nick Mathewson <nickm@torproject.org> 2010-09-02 16:42:18 -0400
committer: Nick Mathewson <nickm@torproject.org> 2010-09-02 16:46:03 -0400
commit: bfa1962d8026e632e00760c1e14b39d154977adf (patch)
tree: 218e96b860a5fa4fa1baae7e1e316309e6c7502f /src/or/networkstatus.c
parent: 6f9f1f3324d49ffbe0a5275a268111882ba8851f (diff)
download: tor-bfa1962d8026e632e00760c1e14b39d154977adf.tar
tor-bfa1962d8026e632e00760c1e14b39d154977adf.tar.gz
1 files changed, 14 insertions, 6 deletions
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index d7a8f70dc..1b4291852 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -464,7 +464,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
                                         int warn)
 {
   int n_good = 0;
-  int n_missing_key = 0;
+  int n_missing_key = 0, n_dl_failed_key = 0;
   int n_bad = 0;
   int n_unknown = 0;
   int n_no_signature = 0;
@@ -482,7 +482,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
                           voter) {
     int good_here = 0;
     int bad_here = 0;
-    int missing_key_here = 0;
+    int missing_key_here = 0, dl_failed_key_here = 0;
     SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
       if (!sig->good_signature && !sig->bad_signature &&
           sig->signature) {
@@ -502,11 +502,15 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
         } else if (!cert || cert->expires < now) {
           smartlist_add(need_certs_from, voter);
           ++missing_key_here;
+          if (authority_cert_dl_looks_uncertain(sig->identity_digest))
+            ++dl_failed_key_here;
           continue;
         }
         if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
           smartlist_add(need_certs_from, voter);
           ++missing_key_here;
+          if (authority_cert_dl_looks_uncertain(sig->identity_digest))
+            ++dl_failed_key_here;
           continue;
         }
       }
@@ -519,9 +523,11 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
       ++n_good;
     else if (bad_here)
       ++n_bad;
-    else if (missing_key_here)
+    else if (missing_key_here) {
       ++n_missing_key;
-    else
+      if (dl_failed_key_here)
+        ++n_dl_failed_key;
+    } else
       ++n_no_signature;
   } SMARTLIST_FOREACH_END(voter);
 
@@ -534,10 +540,12 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
         smartlist_add(missing_authorities, ds);
     });
 
-  if (warn > 1 || (warn >= 0 && n_good < n_required))
+  if (warn > 1 || (warn >= 0 &&
+                   (n_good + n_missing_key - n_dl_failed_key < n_required))) {
     severity = LOG_WARN;
-  else
+  } else {
     severity = LOG_INFO;
+  }
 
   if (warn >= 0) {
     SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
author	Nick Mathewson <nickm@torproject.org>	2010-09-02 16:42:18 -0400
committer	Nick Mathewson <nickm@torproject.org>	2010-09-02 16:46:03 -0400
commit	bfa1962d8026e632e00760c1e14b39d154977adf (patch)
tree	218e96b860a5fa4fa1baae7e1e316309e6c7502f /src/or/networkstatus.c
parent	6f9f1f3324d49ffbe0a5275a268111882ba8851f (diff)
download	tor-bfa1962d8026e632e00760c1e14b39d154977adf.tar tor-bfa1962d8026e632e00760c1e14b39d154977adf.tar.gz