tordate sometimes breaks obfs4 by messing with a correct clock
time_is_in_valid_tor_range
returns false for clocks that are in the
last 30 minutes of the 3 hours Tor consensus validity range, and then
we’ll set the clock to the middle of the valid range. I’ve seen a case
when the clock that we set in such a case, in the hope it’ll help,
actually breaks obfs4 while it was otherwise very much looking like it
would have worked, had we not set a wrong system time: it had downloaded
a consensus successfully and could verify it. I don’t know if the
original system clock was correct or not: the user says it was correct
and in UTC but there might have been a misunderstanding. Anyhow, after
tordate changed the clock and restarted tor, obfs4proxy could not
connect anymore (apparently due to SSL problems that I can’t explain
except by clock mismatch).
I could not find why time_is_in_valid_tor_range()
treats a clock,
that’s in the last 30 minutes of the 3 hours Tor consensus validity
range, as wrong and in need of fixing: we’ve had this code since the
very beginning of tordate
(58e1b1a3835dfa84c831ad2a4e205ae8c129494e, 2011! :) It could be
that back then, tor wasn’t good at refreshing its consensus before it
expired? In this case, for a clock set to 15:49:XY, I see “will expire
at 2018-06-14 16:00:00; fetching the next one at 2018-06-14 15:54:23” in
the logs.
In order to decrease the risk that we break stuff while trying to help, I think we should replace “30 minutes” with 5 or 10 minutes in this algorithm: it should still leave tor enough time to notice that its consensus is about to expire, and refresh it.
Feature Branch: bugfix/16972-tordate-dont-fix-correct-clock+force-all-tests
Related issues
- Related to #15548
Original created by @intrigeri on 16972 (Redmine)