Opened 8 years ago

Closed 7 years ago

Last modified 7 years ago

#5394 closed defect (worksforme)

warn users about their clock if they see a consensus from the future

Reported by: arma Owned by:
Priority: Medium Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: easy tor-client
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In router_set_networkstatus_v2() we check if the v2 ns is from the future, and warn if so:

  if (ns->published_on > now + NETWORKSTATUS_ALLOW_SKEW) {
    char dbuf[64];
    long delta = now - ns->published_on;
    format_time_interval(dbuf, sizeof(dbuf), delta);
    log_warn(LD_GENERAL, "Network status from %s was published %s in the "
             "future (%s GMT). Check your time and date settings! "
             "Not caching.",
             source_desc, dbuf, published);
    control_event_general_status(LOG_WARN,
                       "CLOCK_SKEW MIN_SKEW=%ld SOURCE=NETWORKSTATUS:%s:%d",
                       delta, ns->source_address, ns->source_dirport);
    skewed = 1;
  }

We should do something similar for v3 consensuses.

Also, we might want to use a smaller value than '24 hours' for skew tolerance, since there's really no realistic way a consensus will validly appear from even the near future.

Child Tickets

Change History (5)

comment:1 Changed 7 years ago by nickm

Keywords: easy added
Milestone: Tor: 0.2.3.x-finalTor: 0.2.4.x-final

comment:2 Changed 7 years ago by nickm

I think we already do this. Check out networkstatus.c around line 1861 in networkstatus_set_current_consensus:

#define EARLY_CONSENSUS_NOTICE_SKEW 60

  if (now < c->valid_after - EARLY_CONSENSUS_NOTICE_SKEW) {
    char tbuf[ISO_TIME_LEN+1];
    char dbuf[64];
    long delta = now - c->valid_after;
    format_iso_time(tbuf, c->valid_after);
    format_time_interval(dbuf, sizeof(dbuf), delta);
    log_warn(LD_GENERAL, "Our clock is %s behind the time published in the "
             "consensus network status document (%s GMT).  Tor needs an "
             "accurate clock to work correctly. Please check your time and "
             "date settings!", dbuf, tbuf);
    control_event_general_status(LOG_WARN,
                    "CLOCK_SKEW MIN_SKEW=%ld SOURCE=CONSENSUS", delta);

That sure looks like the kind of thing you wanted. It looks like we've been doing it since 7709fb71 back in 2007. Close as worksforme?

comment:3 Changed 7 years ago by arma

Resolution: worksforme
Status: newclosed

Looks good. Also looks like we're already going a much smaller cutoff than 24 hours. Great.

comment:4 Changed 7 years ago by nickm

Keywords: tor-client added

comment:5 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.