The automated test suite doesn't fetch Tor relays from unverified-microdesc-consensus.bak

When checking whether we only contacted the Tor network, we fetch the list of Tor relays known by the test VM via get_all_tor_nodes(). It only look at what’s in /var/lib/tor/cached-microdesc-consensus, but sometimes there may be additional nodes in unverified-microdesc-consensus.bak.

Today I’ve for the first time seen a firewall leak where Tor connected to a node that’s in unverified-microdesc-consensus.bak but not in cached-microdesc-consensus. It seems that the relay was down (all TCP packets were dropped, at least).

Should we also accept connections to nodes only in unverified-microdesc-consensus.bak? I.e.

--- a/features/support/helpers/misc_helpers.rb
+++ b/features/support/helpers/misc_helpers.rb
@@ -93,7 +93,7 @@ end
 # This command will grab all router IP addresses from the Tor
 # consensus in the VM + the hardcoded TOR_AUTHORITIES.
 def get_all_tor_nodes
-  cmd = 'awk "/^r/ { print \$6 }" /var/lib/tor/cached-microdesc-consensus'
+  cmd = 'awk "/^r/ { print \$6 }" /var/lib/tor/*-microdesc-consensus* | sort -u'
   @vm.execute(cmd).stdout.chomp.split("\n") + TOR_AUTHORITIES
 end

After all, that’s what our Tor may do, which may be a bug, possibly due to all the tordate madness we do.

Feature Branch: test/9521-chutney

Parent Task: #10288

Related issues

• Related to #9654 (closed)

Original created by @anonym on 8961 (Redmine)