{{Header}}
{{#seo:
|description=extracting time from Tor consensus
}}
= anondate-get =
Diagnostic utility. anondate-get
. A "higher level" easier to use tool than the "lower level" anondate
.
Usage of anondate-get
should be safe. It does not use networking. It does not change time. Only looks at locally available information.
{{CodeSelect|code=
sudo anondate-get
}}
Sample output.
/usr/sbin/anondate-get: INFO: 100% Tor bootstrap, ok. /usr/sbin/anondate-get: INFO: tor_circuit_established_check.py, ok. /usr/sbin/anondate-get: INFO: Tor circuit already established, ok. /usr/sbin/anondate-get: INFO: current time in valid in range, ok. /usr/sbin/anondate-get: INFO: Tor certificate lifetime valid, ok. /usr/sbin/anondate-get: END: Exiting with exit_code '3' indicating 'Could not determine any time using Tor from consensus or certificate life time.'.= anondate-set = Security impact has yet to be documented.
anondate-set
.
{{CodeSelect|code=
sudo anondate-set
}}
/usr/sbin/anondate-set: INFO: Status file '/run/anondate/tor_certificate_lifetime_set' does not yet exist. /usr/sbin/anondate-set: INFO: running anondate-get... /usr/sbin/anondate-get: INFO: 100% Tor bootstrap, ok. /usr/sbin/anondate-get: INFO: tor_circuit_established_check.py, ok. /usr/sbin/anondate-get: INFO: Tor circuit already established, ok. /usr/sbin/anondate-get: INFO: current time in valid in range, ok. /usr/sbin/anondate-get: INFO: Tor certificate lifetime valid, ok. /usr/sbin/anondate-get: END: Exiting with exit_code '3' indicating 'Could not determine any time using Tor from consensus or certificate life time.'. /usr/sbin/anondate-set: END: Exiting with exit_code '3' indicating 'Setting time using anondate either not possible or not required.'.= anondate = ===== Introduction ===== * TODO: documentation on anondate is outdated * anondate interface description as per latest git master: * https://github.com/{{project_name_short}}/helper-scripts/blob/master/usr/sbin/anondate * See also: [[#Tor Consensus Method]] * Needs access to either: **
/var/run/tor/log
[only default in {{project_name_long}} specific] [Tor Project Upstream Feature Request: [https://gitlab.torproject.org/legacy/trac/-/issues/16821 additional /var/run/tor/log default log]] This is better, because it only contains Tor's log since last boot. More relevant information. Easier for anondate to parse.
** Or access to /var/log/tor/log
. Configurable through the environment variable TOR_LOG
. (export TOR_LOG=/var/log/tor/log
) (Or we can change the default in the code.)
===== Consensus Related Options =====
* --verified-only
* --prefer-verified
* --unverified-only
===== Special Exit Codes =====
* exit 3
: $TOR_LOG
not readable.
* exit 4
: $consensus
not readable.
===== Simple Status Checking =====
====== anondate --has-consensus ======
Useful for checking if asking for any [[#Date Ranges Output]] is worthwhile.
* yes:
** exit 0
* no:
** exit 1
consensus/valid-after
)
* unverified: No.
====== anondate --current-time-in-valid-range ======
Useful for a sanity test before setting the time for the first time and before setting the time to a newly fetched timestamp.
* yes:
** exit 0
* no:
** exit 1
2015-08-15 22:00:00
** exit 0
* no:
** exit 1
consensus/valid-after
* unverified: No. Tor Project Upstream Feature Request: [https://gitlab.torproject.org/legacy/trac/-/issues/16845 make unverified consensus ISOTime accessible through Tor's ControlPort]
====== anondate --show-valid-until ======
* yes:
** output: 2015-08-16 01:00:00
** exit 0
* no:
** exit 1
consensus/valid-until
* unverified: No. Tor Project Upstream Feature Request: [https://gitlab.torproject.org/legacy/trac/-/issues/16845 make unverified consensus ISOTime accessible through Tor's ControlPort]
====== anondate --show-middle-range ======
* yes:
** output: 2015-08-15 23:30:00
** exit 0
* no:
** exit 1
Sep 03 10:32:59.000 [warn] Certificate already expired. Either their clock is set wrong, or your clock is wrong. Sep 03 10:32:59.000 [warn] (certificate lifetime runs from Aug 16 00:00:00 2014 GMT through Jul 29 23:59:59 2015 GMT. Your time is Sep 03 10:32:59 2015 UTC.)* yes: ** output:
Sep 03 10:34:00.000 [warn] Certificate already expired. Either their clock is set wrong, or your clock is wrong.
** exit 0
* no:
** exit 1
Can be replaced by Tor ControlPort / python-stem? No. Tor Project Upstream Feature Request: [https://gitlab.torproject.org/legacy/trac/-/issues/16822 make certificate lifetime accessible through Tor's ControlPort]
====== anondate --tor-cert-valid-after ======
Similar to above, but less output.
* output: Jun 16 00:00:00 2014 GMT
* Exit codes unreliable.
* Don't use without using the above first.
* (Could be fixed in the code if worthwhile.)
{{Footer}}
[[Category:Development]]