7 years ago · 800dff1308
--- a/changes/bug20533
+++ b/changes/bug20533
@@ -0,0 +1,7 @@
 
				+  o Minor bugfixes (consensus downloads):
			
 
				+    - If a consensus expires while we are waiting for certificates to download,
			
 
				+      stop waiting for certificates.
			
 
				+    - If we stop waiting for certificates less than a minute after we started
			
 
				+      downloading them, do not consider the certificate download failure a
			
 
				+      separate failure.
			
 
				+      Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.
			
--- a/changes/bug20534
+++ b/changes/bug20534
@@ -0,0 +1,6 @@
 
				+  o Minor bugfixes (directory download scheduling):
			
 
				+    - Remove the maximum delay on exponential-backoff scheduling.
			
 
				+      Since we now allow an infinite number of failures (see ticket
			
 
				+      20536), we must now allow the time to grow longer on each failure.
			
 
				+      Fixes bug 20534; bugfix on 0.2.9.1-alpha.
			
 
				+
			
--- a/changes/bug20536
+++ b/changes/bug20536
@@ -0,0 +1,6 @@
 
				+  o Major bugfixes (download scheduling):
			
 
				+    - When using an exponential backoff schedule, do not give up on
			
 
				+      dowloading just because we have failed a bunch of times.  Since
			
 
				+      each delay is longer than the last, retrying indefinitely won't
			
 
				+      hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha.
			
 
				+
			
--- a/changes/bug20587
+++ b/changes/bug20587
@@ -0,0 +1,6 @@
 
				+
			
 
				+  o Minor bugfixes (download timing):
			
 
				+    - When determining when to download a directory object, handle times
			
 
				+      after 2038 if the operating system supports that.  (Someday this will be
			
 
				+      important!)  Fixes bug 20587; bugfix on 0.2.8.1-alpha.
			
 
				+
			
--- a/changes/bug20591
+++ b/changes/bug20591
@@ -0,0 +1,3 @@
 
				+  o Minor bugfixes (relay bootstrap):
			
 
				+    - Ensure relays don't make multiple connections during bootstrap.
			
 
				+      Fixes bug 20591; bugfix on 0.2.8.1-alpha.
			
--- a/changes/geoip-november2016
+++ b/changes/geoip-november2016
@@ -0,0 +1,4 @@
 
				+  o Minor features:
			
 
				+    - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2
			
 
				+      Country database.
			
 
				+
			
--- a/src/config/geoip
+++ b/src/config/geoip
--- a/src/config/geoip6
+++ b/src/config/geoip6
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3971,7 +3971,10 @@ find_dl_min_and_max_delay(download_status_t *dls, const or_options_t *options,
 
				   const smartlist_t *schedule = find_dl_schedule(dls, options);
			
 
				   tor_assert(schedule != NULL && smartlist_len(schedule) >= 2);
			
 
				   *min = *((int *)(smartlist_get(schedule, 0)));
			
 
				-  *max = *((int *)((smartlist_get(schedule, smartlist_len(schedule) - 1))));
			
 
				+  if (dls->backoff == DL_SCHED_DETERMINISTIC)
			
 
				+    *max = *((int *)((smartlist_get(schedule, smartlist_len(schedule) - 1))));
			
 
				+  else
			
 
				+    *max = INT_MAX;
			
 
				 }
			
 
				 
			
 
				 /** Advance one delay step.  The algorithm is to use the previous delay to
			
@@ -4077,9 +4080,9 @@ download_status_schedule_get_delay(download_status_t *dls,
 
				    * non-negative allows us to safely do the wrapping check below. */
			
 
				   tor_assert(delay >= 0);
			
 
				 
			
 
				-  /* Avoid now+delay overflowing INT_MAX, by comparing with a subtraction
			
 
				+  /* Avoid now+delay overflowing TIME_MAX, by comparing with a subtraction
			
 
				    * that won't overflow (since delay is non-negative). */
			
 
				-  if (delay < INT_MAX && now <= INT_MAX - delay) {
			
 
				+  if (delay < INT_MAX && now <= TIME_MAX - delay) {
			
 
				     dls->next_attempt_at = now+delay;
			
 
				   } else {
			
 
				     dls->next_attempt_at = TIME_MAX;
			
@@ -4192,7 +4195,7 @@ download_status_increment_attempt(download_status_t *dls, const char *item,
 
				   if (dls->increment_on == DL_SCHED_INCREMENT_FAILURE) {
			
 
				     /* this schedule should retry on failure, and not launch any concurrent
			
 
				      attempts */
			
 
				-    log_info(LD_BUG, "Tried to launch an attempt-based connection on a "
			
 
				+    log_warn(LD_BUG, "Tried to launch an attempt-based connection on a "
			
 
				              "failure-based schedule.");
			
 
				     return TIME_MAX;
			
 
				   }
			
--- a/src/or/directory.h
+++ b/src/or/directory.h
@@ -114,9 +114,15 @@ static inline int
 
				 download_status_is_ready(download_status_t *dls, time_t now,
			
 
				                          int max_failures)
			
 
				 {
			
 
				-  int under_failure_limit = (dls->n_download_failures <= max_failures
			
 
				-                             && dls->n_download_attempts <= max_failures);
			
 
				-  return (under_failure_limit && dls->next_attempt_at <= now);
			
 
				+  if (dls->backoff == DL_SCHED_DETERMINISTIC) {
			
 
				+    /* Deterministic schedules can hit an endpoint; exponential backoff
			
 
				+     * schedules just wait longer and longer. */
			
 
				+    int under_failure_limit = (dls->n_download_failures <= max_failures
			
 
				+                               && dls->n_download_attempts <= max_failures);
			
 
				+    if (!under_failure_limit)
			
 
				+      return 0;
			
 
				+  }
			
 
				+  return dls->next_attempt_at <= now;
			
 
				 }
			
 
				 
			
 
				 static void download_status_mark_impossible(download_status_t *dl);
			
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -841,9 +841,15 @@ we_want_to_fetch_flavor(const or_options_t *options, int flavor)
 
				  * fetching certs before we check whether there is a better one? */
			
 
				 #define DELAY_WHILE_FETCHING_CERTS (20*60)
			
 
				 
			
 
				+/** What is the minimum time we need to have waited fetching certs, before we
			
 
				+ * increment the consensus download schedule on failure? */
			
 
				+#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60)
			
 
				+
			
 
				 /* Check if a downloaded consensus flavor should still wait for certificates
			
 
				- * to download now.
			
 
				- * If so, return 1. If not, fail dls and return 0. */
			
 
				+ * to download now. If we decide not to wait, check if enough time has passed
			
 
				+ * to consider the certificate download failure a separate failure. If so,
			
 
				+ * fail dls.
			
 
				+ * If waiting for certificates to download, return 1. If not, return 0. */
			
 
				 static int
			
 
				 check_consensus_waiting_for_certs(int flavor, time_t now,
			
 
				                                   download_status_t *dls)
			
@@ -857,11 +863,14 @@ check_consensus_waiting_for_certs(int flavor, time_t now,
 
				   waiting = &consensus_waiting_for_certs[flavor];
			
 
				   if (waiting->consensus) {
			
 
				     /* XXXX make sure this doesn't delay sane downloads. */
			
 
				-    if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now) {
			
 
				+    if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now &&
			
 
				+        waiting->consensus->valid_until > now) {
			
 
				       return 1;
			
 
				     } else {
			
 
				       if (!waiting->dl_failed) {
			
 
				-        download_status_failed(dls, 0);
			
 
				+        if (waiting->set_at + MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE > now) {
			
 
				+          download_status_failed(dls, 0);
			
 
				+        }
			
 
				         waiting->dl_failed=1;
			
 
				       }
			
 
				     }
			
@@ -906,7 +915,7 @@ update_consensus_networkstatus_downloads(time_t now)
 
				     resource = networkstatus_get_flavor_name(i);
			
 
				 
			
 
				     /* Check if we already have enough connections in progress */
			
 
				-    if (we_are_bootstrapping) {
			
 
				+    if (we_are_bootstrapping && use_multi_conn) {
			
 
				       max_in_progress_conns =
			
 
				         options->ClientBootstrapConsensusMaxInProgressTries;
			
 
				     }