Change the behavior of "getinfo status/good-server-descriptor"

so it doesn't return failure when any authority disappears.


svn:r13645

ChangeLog

@@ -65,6 +65,8 @@ Changes in version 0.2.0.20-?? - 2008-02-??
       example, when answering a directory request), reset the
       time-to-give-up timeout every time we manage to write something
       on the socket. Bugfix on 0.1.2.x.
+    - Change the behavior of "getinfo status/good-server-descriptor"
+      so it doesn't return failure when any authority disappears.
 
   o Code simplifications and refactoring:
     - Remove the tor_strpartition function: its logic was confused,

doc/spec/control-spec.txt

@@ -551,7 +551,7 @@ $Id$
       These provide the current internal Tor values for various Tor
       states. See Section 4.1.10 for explanations. (Only a few of the
       status events are available as getinfo's currently. Let us know if
-      you want more exposed.)<
+      you want more exposed.)
     "status/reachability/or"
       0 or 1, depending on whether we've found our ORPort reachable.
     "status/reachability/dir"
@@ -1371,7 +1371,7 @@ $Id$
        We're going to start testing the reachability of our external OR port
        or directory port.
 
-       {This event could effect the controller's idea of server status, but
+       {This event could affect the controller's idea of server status, but
        the controller should not interrupt the user to tell them so.}
 
      REACHABILITY_SUCCEEDED
@@ -1381,14 +1381,14 @@ $Id$
        directory port (depending on which of ORADDRESS or DIRADDRESS is
        given.)
 
-       {This event could effect the controller's idea of server status, but
+       {This event could affect the controller's idea of server status, but
        the controller should not interrupt the user to tell them so.}
 
      GOOD_SERVER_DESCRIPTOR
-       We successfully uploaded our server descriptor to each of the
-       directory authorities, with no complaints.
+       We successfully uploaded our server descriptor to at least one
+       of the directory authorities, with no complaints.
 
-       {This event could effect the controller's idea of server status, but
+       {This event could affect the controller's idea of server status, but
        the controller should not interrupt the user to tell them so.}
 
      NAMESERVER_STATUS
@@ -1398,7 +1398,7 @@ $Id$
         One of our nameservers has changed status.
         // actually notice
 
-       {This event could effect the controller's idea of server status, but
+       {This event could affect the controller's idea of server status, but
        the controller should not interrupt the user to tell them so.}
 
      NAMESERVER_ALL_DOWN
@@ -1438,7 +1438,7 @@ $Id$
         A single directory authority accepted our descriptor.
         // actually notice
 
-       {This event could effect the controller's idea of server status, but
+       {This event could affect the controller's idea of server status, but
        the controller should not interrupt the user to tell them so.}
 
      REACHABILITY_FAILED
@@ -1447,7 +1447,7 @@ $Id$
        We failed to connect to our external OR port or directory port
        successfully.
 
-       {This event could effect the controller's idea of server status.  The
+       {This event could affect the controller's idea of server status.  The
        controller should warn the admin and suggest reasonable steps to take.}
 
 4.1.11. Our set of guard nodes has changed

src/or/directory.c

@@ -192,24 +192,26 @@ router_supports_extrainfo(const char *identity_digest, int is_authority)
   return 0;
 }
 
-/** Return true iff all trusted directory servers have accepted our
- * server descriptor. */
+/** Return true iff any trusted directory authority has accepted our
+ * server descriptor.
+ *
+ * We consider any authority sufficient because waiting for all of
+ * them means it never happens while any authority is down; we don't
+ * go for something more complex in the middle (like \>1/3 or \>1/2 or
+ * \>=1/2) because that doesn't seem necessary yet.
+ */
 int
 directories_have_accepted_server_descriptor(void)
 {
   smartlist_t *servers = router_get_trusted_dir_servers();
   or_options_t *options = get_options();
-  /* XXX020rc If any authority of the needed type is down, this
-   * function will never return true. Perhaps we need to be
-   * tolerant of down servers? Or even better, should we change
-   * this so one successful upload is enough? -RD */
   SMARTLIST_FOREACH(servers, trusted_dir_server_t *, d, {
     if ((d->type & options->_PublishServerDescriptor) &&
-        !d->has_accepted_serverdesc) {
-      return 0;
+        d->has_accepted_serverdesc) {
+      return 1;
     }
   });
-  return 1;
+  return 0;
 }
 
 /** Start a connection to every suitable directory authority, using