diff --git a/crates/lox-distributor/src/lox_context.rs b/crates/lox-distributor/src/lox_context.rs index f066ba7..f488b03 100644 --- a/crates/lox-distributor/src/lox_context.rs +++ b/crates/lox-distributor/src/lox_context.rs @@ -111,11 +111,14 @@ impl LoxServerContext { for bridge in blocked { let res = self.mark_blocked(bridge); if res { - println!("BridgeLine {:?} successfully marked unreachable", bridge); + println!( + "Blocked BridgeLine {:?} successfully marked unreachable", + bridge + ); self.metrics.blocked_bridges.inc(); } else { println!( - "BridgeLine {:?} NOT marked unreachable, not found in bridgetable!", + "Blocked BridgeLine {:?} NOT marked unreachable, not found in bridgetable!", bridge.uid_fingerprint ); } @@ -125,20 +128,22 @@ impl LoxServerContext { let res = self.update_bridge(bridge); if res { println!( - "BridgeLine {:?} successfully updated.", + "Grace period BridgeLine {:?} successfully updated.", bridge.uid_fingerprint ); accounted_for_bridges.push(bridge.uid_fingerprint); self.metrics.existing_or_updated_bridges.inc(); + } else { + println!("Grace period BridgeLine: {:?} not found in Lox's Bridgetable. Wait until it is working to update/add it!", bridge.uid_fingerprint); } } - // Next, handle the failing bridges. If resource last passed tests >=ACCEPTED_HOURS_OF_FAILURE ago, + // Next, handle the failing bridges. If resource last passed tests >= ACCEPTED_HOURS_OF_FAILURE ago, // it should be replaced with a working resource and be removed from the bridgetable. for bridge in failing { let res = self.replace_with_new(bridge); if res == lox_library::ReplaceSuccess::Replaced { println!( - "BridgeLine {:?} successfully replaced.", + "Failing BridgeLine {:?} successfully replaced.", bridge.uid_fingerprint ); accounted_for_bridges.push(bridge.uid_fingerprint); @@ -147,7 +152,7 @@ impl LoxServerContext { // Add the bridge to the list of to_be_replaced bridges in the Lox context and try // again to replace at the next update (nothing changes in the Lox Authority) println!( - "BridgeLine {:?} NOT replaced, saved for next update!", + "Failing BridgeLine {:?} NOT replaced, saved for next update!", bridge.uid_fingerprint ); self.new_to_be_replaced_bridge(bridge); @@ -160,7 +165,7 @@ impl LoxServerContext { "ReplaceSuccess incorrectly set" ); println!( - "BridgeLine {:?} no longer in bridge table.", + "Failing BridgeLine {:?} not found in bridge table.", bridge.uid_fingerprint ); } diff --git a/crates/lox-distributor/src/resource_parser.rs b/crates/lox-distributor/src/resource_parser.rs index 136578a..99b2434 100644 --- a/crates/lox-distributor/src/resource_parser.rs +++ b/crates/lox-distributor/src/resource_parser.rs @@ -2,7 +2,15 @@ use chrono::{Duration, Utc}; use lox_library::bridge_table::{BridgeLine, BRIDGE_BYTES, MAX_BRIDGES_PER_BUCKET}; use rdsys_backend::proto::Resource; -pub const ACCEPTED_HOURS_OF_FAILURE: i64 = 3; +/// Since the last passed time for a working > non-working resource +/// may be older than the current time by rdsys' expiry time (currently 18 hours): https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/pkg/usecases/resources/bridges.go?ref_type=heads#L176 +/// the distributor must use that time to decide on the ACCEPTED_HOURS_OF_FAILURE +pub const RDSYS_EXPIRY: i64 = 18; + +/// This value must correspond with rdsys' expiry time +/// and decide on an acceptable grace period for resources that aren't working +/// but may come back (and so shouldn't be replaced) +pub const ACCEPTED_HOURS_OF_FAILURE: i64 = 3 + RDSYS_EXPIRY; // Parse each resource from rdsys into a Bridgeline as expected by the Lox Bridgetable and return // Bridgelines as two vectors, those that are marked as blocked in a specified region (indicated in the config file) @@ -104,6 +112,18 @@ pub fn sort_for_parsing( for resource in resources { // TODO: Maybe filter for untested resources first if last_passed alone would skew // the filter in an unintended direction + println!( + "Resource {:?} last passed test: {:?}", + resource.fingerprint, resource.test_result.last_passed + ); + println!( + "Time + hours of accepted failure: {:?}", + resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE) + ); + println!( + "Greater than Utc::now? {:?}", + resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE) + ); if resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE) >= Utc::now() { @@ -129,6 +149,8 @@ mod tests { use chrono::{Duration, Utc}; + use crate::resource_parser::ACCEPTED_HOURS_OF_FAILURE; + use super::sort_for_parsing; pub fn make_resource( @@ -178,7 +200,7 @@ mod tests { "123.456.789.100".to_owned(), 3002, "BE84A97D02130470A1C77839954392BA979F7EE1".to_owned(), - 2, + ACCEPTED_HOURS_OF_FAILURE-1, ); let resource_two = make_resource( "https".to_owned(), @@ -192,7 +214,7 @@ mod tests { "123.222.333.444".to_owned(), 6002, "C56B9EF202130470A1C77839954392BA979F7FF9".to_owned(), - 5, + ACCEPTED_HOURS_OF_FAILURE+2, ); let resource_three = make_resource( "scramblesuit".to_owned(), @@ -206,7 +228,7 @@ mod tests { "443.288.222.100".to_owned(), 3042, "5E3A8BD902130470A1C77839954392BA979F7B46".to_owned(), - 4, + ACCEPTED_HOURS_OF_FAILURE+1, ); let resource_four = make_resource( "https".to_owned(), @@ -220,7 +242,7 @@ mod tests { "555.444.212.100".to_owned(), 8022, "FF024DC302130470A1C77839954392BA979F7AE2".to_owned(), - 3, + ACCEPTED_HOURS_OF_FAILURE, ); let resource_five = make_resource( "https".to_owned(), @@ -248,7 +270,7 @@ mod tests { "434.777.212.100".to_owned(), 10112, "7B4DE04A22130470A1C77839954392BA979F7AE2".to_owned(), - 1, + ACCEPTED_HOURS_OF_FAILURE-ACCEPTED_HOURS_OF_FAILURE, ); let resource_seven = make_resource( "https".to_owned(),