Opened 2 years ago

Last modified 18 months ago

#22214 new defect

When authority certificates expire, give a better error message

Reported by: teor Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: easy intro
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

On master, I have a test directory authority on i386 macOS 10.12 which can't download certificates. The directory authority had been down (asleep) for a while, and on update to the new master, it said:

May 10 19:02:28.645 [notice] Tor 0.3.1.0-alpha-dev (git-0266c4ac819d9c83) running on Darwin with Libevent 2.1.8-stable, OpenSSL 1.0.2k, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
...
May 10 19:03:15.000 [warn] Got a certificate for lemonpeasy, but we already have it. Maybe they haven't updated it. Waiting for a while.
May 10 19:03:15.000 [warn] Got a certificate for triplepeak, but we already have it. Maybe they haven't updated it. Waiting for a while.
May 10 19:03:15.000 [warn] Got a certificate for Betty, but we already have it. Maybe they haven't updated it. Waiting for a while.
May 10 19:03:15.000 [warn] Got a certificate for Evelyn, but we already have it. Maybe they haven't updated it. Waiting for a while.
May 10 19:03:15.000 [warn] Got a certificate for albert, but we already have it. Maybe they haven't updated it. Waiting for a while.
May 10 19:03:15.000 [warn] Got a certificate for missionary, but we already have it. Maybe they haven't updated it. Waiting for a while.
...
May 10 19:04:16.000 [warn] Looks like we need to download a new certificate from authority 'triplepeak' at ...
May 10 19:04:16.000 [warn] Looks like we need to download a new certificate from authority 'Betty' at ...

I suspect this bug might have been introduced in 0.3.1. Or, it might be due to the fact our test network consensus is broken. Or it could be because we're on mixed versions (which should work).

Child Tickets

Change History (4)

comment:1 Changed 2 years ago by teor

Cc: ahf removed
Milestone: Tor: 0.3.1.x-finalTor: unspecified
Severity: MajorNormal
Summary: Certificate downloads are brokenWhen authority certificates expire, give a better error message

Oops, turns out we started the test network a year ago, and so the authority certificates have expired. The log message could be easier to understand.

comment:2 Changed 2 years ago by nickm

Keywords: easy intro added

comment:3 Changed 18 months ago by aruna1234

I suggest giving a better log message would suffice. The question is which file does it concern with?

comment:4 Changed 18 months ago by teor

You can search for the log message in the tor source code to learn which file it is from.
Many people use the "grep" command to search files.

Note: See TracTickets for help on using tickets.