vecna
/
lox
mirror of https://gitlab.torproject.org/vecna/lox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update ACCEPTED_HOURS_OF_FAILURE to account for rdsys expiry time

This commit is contained in:
onyinyang 2024-01-25 17:38:45 -05:00
parent bad2457973
commit 11c09efed4
2 changed files with 40 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
crates/lox-distributor/src/lox_context.rs
View File

@ -111,11 +111,14 @@ impl LoxServerContext {
for bridge in blocked {
let res = self.mark_blocked(bridge);
if res {
println!("BridgeLine {:?} successfully marked unreachable", bridge);
println!(
"Blocked BridgeLine {:?} successfully marked unreachable",
bridge
);
self.metrics.blocked_bridges.inc();
} else {
println!(
"BridgeLine {:?} NOT marked unreachable, not found in bridgetable!",
"Blocked BridgeLine {:?} NOT marked unreachable, not found in bridgetable!",
bridge.uid_fingerprint
);
}
@ -125,20 +128,22 @@ impl LoxServerContext {
let res = self.update_bridge(bridge);
if res {
println!(
"BridgeLine {:?} successfully updated.",
"Grace period BridgeLine {:?} successfully updated.",
bridge.uid_fingerprint
);
accounted_for_bridges.push(bridge.uid_fingerprint);
self.metrics.existing_or_updated_bridges.inc();
} else {
println!("Grace period BridgeLine: {:?} not found in Lox's Bridgetable. Wait until it is working to update/add it!", bridge.uid_fingerprint);
}
}
// Next, handle the failing bridges. If resource last passed tests >=ACCEPTED_HOURS_OF_FAILURE ago,
// Next, handle the failing bridges. If resource last passed tests >= ACCEPTED_HOURS_OF_FAILURE ago,
// it should be replaced with a working resource and be removed from the bridgetable.
for bridge in failing {
let res = self.replace_with_new(bridge);
if res == lox_library::ReplaceSuccess::Replaced {
println!(
"BridgeLine {:?} successfully replaced.",
"Failing BridgeLine {:?} successfully replaced.",
bridge.uid_fingerprint
);
accounted_for_bridges.push(bridge.uid_fingerprint);
@ -147,7 +152,7 @@ impl LoxServerContext {
// Add the bridge to the list of to_be_replaced bridges in the Lox context and try
// again to replace at the next update (nothing changes in the Lox Authority)
println!(
"BridgeLine {:?} NOT replaced, saved for next update!",
"Failing BridgeLine {:?} NOT replaced, saved for next update!",
bridge.uid_fingerprint
);
self.new_to_be_replaced_bridge(bridge);
@ -160,7 +165,7 @@ impl LoxServerContext {
"ReplaceSuccess incorrectly set"
);
println!(
"BridgeLine {:?} no longer in bridge table.",
"Failing BridgeLine {:?} not found in bridge table.",
bridge.uid_fingerprint
);
}

34
crates/lox-distributor/src/resource_parser.rs
View File

@ -2,7 +2,15 @@ use chrono::{Duration, Utc};
use lox_library::bridge_table::{BridgeLine, BRIDGE_BYTES, MAX_BRIDGES_PER_BUCKET};
use rdsys_backend::proto::Resource;
pub const ACCEPTED_HOURS_OF_FAILURE: i64 = 3;
/// Since the last passed time for a working > non-working resource
/// may be older than the current time by rdsys' expiry time (currently 18 hours): https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/pkg/usecases/resources/bridges.go?ref_type=heads#L176
/// the distributor must use that time to decide on the ACCEPTED_HOURS_OF_FAILURE
pub const RDSYS_EXPIRY: i64 = 18;
/// This value must correspond with rdsys' expiry time
/// and decide on an acceptable grace period for resources that aren't working
/// but may come back (and so shouldn't be replaced)
pub const ACCEPTED_HOURS_OF_FAILURE: i64 = 3 + RDSYS_EXPIRY;
// Parse each resource from rdsys into a Bridgeline as expected by the Lox Bridgetable and return
// Bridgelines as two vectors, those that are marked as blocked in a specified region (indicated in the config file)
@ -104,6 +112,18 @@ pub fn sort_for_parsing(
for resource in resources {
// TODO: Maybe filter for untested resources first if last_passed alone would skew
// the filter in an unintended direction
println!(
"Resource {:?} last passed test: {:?}",
resource.fingerprint, resource.test_result.last_passed
);
println!(
"Time + hours of accepted failure: {:?}",
resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE)
);
println!(
"Greater than Utc::now? {:?}",
resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE)
);
if resource.test_result.last_passed + Duration::hours(ACCEPTED_HOURS_OF_FAILURE)
>= Utc::now()
{
@ -129,6 +149,8 @@ mod tests {
use chrono::{Duration, Utc};
use crate::resource_parser::ACCEPTED_HOURS_OF_FAILURE;
use super::sort_for_parsing;
pub fn make_resource(
@ -178,7 +200,7 @@ mod tests {
"123.456.789.100".to_owned(),
3002,
"BE84A97D02130470A1C77839954392BA979F7EE1".to_owned(),
2,
ACCEPTED_HOURS_OF_FAILURE-1,
);
let resource_two = make_resource(
"https".to_owned(),
@ -192,7 +214,7 @@ mod tests {
"123.222.333.444".to_owned(),
6002,
"C56B9EF202130470A1C77839954392BA979F7FF9".to_owned(),
5,
ACCEPTED_HOURS_OF_FAILURE+2,
);
let resource_three = make_resource(
"scramblesuit".to_owned(),
@ -206,7 +228,7 @@ mod tests {
"443.288.222.100".to_owned(),
3042,
"5E3A8BD902130470A1C77839954392BA979F7B46".to_owned(),
4,
ACCEPTED_HOURS_OF_FAILURE+1,
);
let resource_four = make_resource(
"https".to_owned(),
@ -220,7 +242,7 @@ mod tests {
"555.444.212.100".to_owned(),
8022,
"FF024DC302130470A1C77839954392BA979F7AE2".to_owned(),
3,
ACCEPTED_HOURS_OF_FAILURE,
);
let resource_five = make_resource(
"https".to_owned(),
@ -248,7 +270,7 @@ mod tests {
"434.777.212.100".to_owned(),
10112,
"7B4DE04A22130470A1C77839954392BA979F7AE2".to_owned(),
1,
ACCEPTED_HOURS_OF_FAILURE-ACCEPTED_HOURS_OF_FAILURE,
);
let resource_seven = make_resource(
"https".to_owned(),