vecna
/
lox
mirror of https://gitlab.torproject.org/vecna/lox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update ACCEPTED_HOURS_OF_FAILURE to account for rdsys expiry time

This commit is contained in:
onyinyang 2024-01-25 17:38:45 -05:00
parent bad2457973
commit 11c09efed4
2 changed files with 40 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
crates/lox-distributor/src/lox_context.rs
View File

@ -111,11 +111,14 @@ impl LoxServerContext {
for bridge in blocked { for bridge in blocked {
let res = self.mark_blocked(bridge); let res = self.mark_blocked(bridge);
if res { if res {
println!("BridgeLine {:?} successfully marked unreachable", bridge); println!(
"Blocked BridgeLine {:?} successfully marked unreachable",
bridge
);
self.metrics.blocked_bridges.inc(); self.metrics.blocked_bridges.inc();
} else { } else {
println!( println!(
"BridgeLine {:?} NOT marked unreachable, not found in bridgetable!", "Blocked BridgeLine {:?} NOT marked unreachable, not found in bridgetable!",
bridge.uid_fingerprint bridge.uid_fingerprint
); );
} }
@ -125,11 +128,13 @@ impl LoxServerContext {
let res = self.update_bridge(bridge); let res = self.update_bridge(bridge);
if res { if res {
println!( println!(
"BridgeLine {:?} successfully updated.", "Grace period BridgeLine {:?} successfully updated.",
bridge.uid_fingerprint bridge.uid_fingerprint
); );
accounted_for_bridges.push(bridge.uid_fingerprint); accounted_for_bridges.push(bridge.uid_fingerprint);
self.metrics.existing_or_updated_bridges.inc(); self.metrics.existing_or_updated_bridges.inc();
} else {
println!("Grace period BridgeLine: {:?} not found in Lox's Bridgetable. Wait until it is working to update/add it!", bridge.uid_fingerprint);
} }
} }
// Next, handle the failing bridges. If resource last passed tests >= ACCEPTED_HOURS_OF_FAILURE ago, // Next, handle the failing bridges. If resource last passed tests >= ACCEPTED_HOURS_OF_FAILURE ago,
@ -138,7 +143,7 @@ impl LoxServerContext {
let res = self.replace_with_new(bridge); let res = self.replace_with_new(bridge);
if res == lox_library::ReplaceSuccess::Replaced { if res == lox_library::ReplaceSuccess::Replaced {
println!( println!(
"BridgeLine {:?} successfully replaced.", "Failing BridgeLine {:?} successfully replaced.",
bridge.uid_fingerprint bridge.uid_fingerprint
); );
accounted_for_bridges.push(bridge.uid_fingerprint); accounted_for_bridges.push(bridge.uid_fingerprint);
@ -147,7 +152,7 @@ impl LoxServerContext {
// Add the bridge to the list of to_be_replaced bridges in the Lox context and try // Add the bridge to the list of to_be_replaced bridges in the Lox context and try
// again to replace at the next update (nothing changes in the Lox Authority) // again to replace at the next update (nothing changes in the Lox Authority)
println!( println!(
"BridgeLine {:?} NOT replaced, saved for next update!", "Failing BridgeLine {:?} NOT replaced, saved for next update!",
bridge.uid_fingerprint bridge.uid_fingerprint
); );
self.new_to_be_replaced_bridge(bridge); self.new_to_be_replaced_bridge(bridge);
@ -160,7 +165,7 @@ impl LoxServerContext {
"ReplaceSuccess incorrectly set" "ReplaceSuccess incorrectly set"
); );
println!( println!(
"BridgeLine {:?} no longer in bridge table.", "Failing BridgeLine {:?} not found in bridge table.",
bridge.uid_fingerprint bridge.uid_fingerprint
); );
} }

34
crates/lox-distributor/src/resource_parser.rs
View File

@ -2,7 +2,15 @@ use chrono::{Duration, Utc};
use lox_library::bridge_table::{BridgeLine, BRIDGE_BYTES, MAX_BRIDGES_PER_BUCKET}; use lox_library::bridge_table::{BridgeLine, BRIDGE_BYTES, MAX_BRIDGES_PER_BUCKET};
use rdsys_backend::proto::Resource; use rdsys_backend::proto::Resource;
pub const ACCEPTED_HOURS_OF_FAILURE: i64 = 3; /// Since the last passed time for a working > non-working resource
/// may be older than the current time by rdsys' expiry time (currently 18 hours): https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/pkg/usecases/resources/bridges.go?ref_type=heads#L176
/// the distributor must use that time to decide on the ACCEPTED_HOURS_OF_FAILURE
pub const RDSYS_EXPIRY: i64 = 18;
/// This value must correspond with rdsys' expiry time
/// and decide on an acceptable grace period for resources that aren't working
/// but may come back (and so shouldn't be replaced)
pub const ACCEPTED_HOURS_OF_FAILURE: i64 = 3 + RDSYS_EXPIRY;
// Parse each resource from rdsys into a Bridgeline as expected by the Lox Bridgetable and return // Parse each resource from rdsys into a Bridgeline as expected by the Lox Bridgetable and return
// Bridgelines as two vectors, those that are marked as blocked in a specified region (indicated in the config file) // Bridgelines as two vectors, those that are marked as blocked in a specified region (indicated in the config file)
@ -104,6 +112,18 @@ pub fn sort_for_parsing(
for resource in resources { for resource in resources {
// TODO: Maybe filter for untested resources first if last_passed alone would skew // TODO: Maybe filter for untested resources first if last_passed alone would skew
// the filter in an unintended direction // the filter in an unintended direction
println!(
"Resource {:?} last passed test: {:?}",
resource.fingerprint, resource.test_result.last_passed
);
println!(
"Time + hours of accepted failure: {:?}",
resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE)
);
println!(
"Greater than Utc::now? {:?}",
resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE)
);
if resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE) if resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE)
>= Utc::now() >= Utc::now()
{ {
@ -129,6 +149,8 @@ mod tests {
use chrono::{Duration, Utc}; use chrono::{Duration, Utc};
use crate::resource_parser::ACCEPTED_HOURS_OF_FAILURE;
use super::sort_for_parsing; use super::sort_for_parsing;
pub fn make_resource( pub fn make_resource(
@ -178,7 +200,7 @@ mod tests {
"123.456.789.100".to_owned(), "123.456.789.100".to_owned(),
3002, 3002,
"BE84A97D02130470A1C77839954392BA979F7EE1".to_owned(), "BE84A97D02130470A1C77839954392BA979F7EE1".to_owned(),
2, ACCEPTED_HOURS_OF_FAILURE-1,
); );
let resource_two = make_resource( let resource_two = make_resource(
"https".to_owned(), "https".to_owned(),
@ -192,7 +214,7 @@ mod tests {
"123.222.333.444".to_owned(), "123.222.333.444".to_owned(),
6002, 6002,
"C56B9EF202130470A1C77839954392BA979F7FF9".to_owned(), "C56B9EF202130470A1C77839954392BA979F7FF9".to_owned(),
5, ACCEPTED_HOURS_OF_FAILURE+2,
); );
let resource_three = make_resource( let resource_three = make_resource(
"scramblesuit".to_owned(), "scramblesuit".to_owned(),
@ -206,7 +228,7 @@ mod tests {
"443.288.222.100".to_owned(), "443.288.222.100".to_owned(),
3042, 3042,
"5E3A8BD902130470A1C77839954392BA979F7B46".to_owned(), "5E3A8BD902130470A1C77839954392BA979F7B46".to_owned(),
4, ACCEPTED_HOURS_OF_FAILURE+1,
); );
let resource_four = make_resource( let resource_four = make_resource(
"https".to_owned(), "https".to_owned(),
@ -220,7 +242,7 @@ mod tests {
"555.444.212.100".to_owned(), "555.444.212.100".to_owned(),
8022, 8022,
"FF024DC302130470A1C77839954392BA979F7AE2".to_owned(), "FF024DC302130470A1C77839954392BA979F7AE2".to_owned(),
3, ACCEPTED_HOURS_OF_FAILURE,
); );
let resource_five = make_resource( let resource_five = make_resource(
"https".to_owned(), "https".to_owned(),
@ -248,7 +270,7 @@ mod tests {
"434.777.212.100".to_owned(), "434.777.212.100".to_owned(),
10112, 10112,
"7B4DE04A22130470A1C77839954392BA979F7AE2".to_owned(), "7B4DE04A22130470A1C77839954392BA979F7AE2".to_owned(),
1, ACCEPTED_HOURS_OF_FAILURE-ACCEPTED_HOURS_OF_FAILURE,
); );
let resource_seven = make_resource( let resource_seven = make_resource(
"https".to_owned(), "https".to_owned(),