author | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2016-07-14 14:04:02 +1000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-09-13 10:10:54 -0400 |
commit | b560f852f220f5630f6bf5a300d15b40c9c235cf (patch) | |
tree | 8f245dab0172516b01f5617adb0c856ed991a0f2 /src/or/directory.h | |
parent | b494ccc3c91423c4280c1fc003b5117d9aae54c0 (diff) | |
download | tor-b560f852f220f5630f6bf5a300d15b40c9c235cf.tar.gz tor-b560f852f220f5630f6bf5a300d15b40c9c235cf.zip |
Implement Prop #260: Single Onion Services

Add experimental OnionServiceSingleHopMode and
OnionServiceNonAnonymousMode options. When both are set to 1, every
hidden service on a tor instance becomes a non-anonymous Single Onion
Service. Single Onions make one-hop (direct) connections to their
introduction and rendezvous points. One-hop circuits make Single Onion
servers easily locatable, but clients remain location-anonymous.

This is compatible with the existing hidden service implementation, and
works on the current tor network without any changes to older relays or
clients.

Implements proposal #260, completes ticket #17178. Patch by teor & asn.

squash! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Implement Prop #260: Single Onion Services

Redesign single onion service poisoning.

When in OnionServiceSingleHopMode, each hidden service key is poisoned
(marked as non-anonymous) on creation by creating a poison file in the
hidden service directory.

Existing keys are considered non-anonymous if this file exists, and
anonymous if it does not.

Tor refuses to launch in OnionServiceSingleHopMode if any existing keys
are anonymous. Similarly, it refuses to launch in anonymous client mode
if any existing keys are non-anonymous.

Rewrite the unit tests to match and be more comprehensive.
Adds a bonus unit test for rend_service_load_all_keys().
Diffstat (limited to 'src/or/directory.h')
-rw-r--r-- | src/or/directory.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/or/directory.h b/src/or/directory.h index f04e7ab315..9477948aa0 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -132,7 +132,10 @@ int download_status_get_n_failures(const download_status_t *dls); int download_status_get_n_attempts(const download_status_t *dls); time_t download_status_get_next_attempt_at(const download_status_t *dls); +/* Yes, these two functions are confusingly similar. + * Let's sort that out in #20077. */ int purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose); +int is_sensitive_dir_purpose(uint8_t dir_purpose); #ifdef TOR_UNIT_TESTS /* Used only by directory.c and test_dir.c */ |
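Review bot: The new declaration `int is_sensitive_dir_purpose(uint8_t dir_purpose);` in the hunk at line 132 of src/or/directory.h has no contract in the header, and the comment added above `purpose_needs_anonymity()` only says the two functions are "confusingly similar" and defers to #20077. With two similarly named predicates side by side, a caller can easily pick the wrong one, so I would put a one-line description above each declaration stating which purposes it covers and what a nonzero return means, and keep the #20077 pointer as a follow-up note. It is also worth saying in that comment why `is_sensitive_dir_purpose()` takes only `dir_purpose` while `purpose_needs_anonymity()` also takes `router_purpose`, since that is the one difference visible from the header.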