author | teor <teor2345@gmail.com> | 2016-11-18 11:46:01 +1100 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-12-01 09:44:53 -0500 |
commit | f80a43d16f5f7a5e63d0949df74077c875ee5d94 (patch) | |
tree | a2a00189d5a2f94dc9ca641abc159b4fed220aee /src/or/rendservice.h | |
parent | 91abd60cad2fa3ca9f85fe20956f5f6a336c9c67 (diff) | |
Stop ignoring hidden service key anonymity when first starting tor

Instead, refuse to start tor if any hidden service key has been used in
a different hidden service anonymity mode.

Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf.

The original single onion service poisoning code checked poisoning state
in options_validate, and poisoned in options_act. This was problematic,
because the global array of hidden services had not been populated in
options_validate (and there were ordering issues with hidden service
directory creation).

This patch fixes this issue in rend_service_check_dir_and_add, which:
* creates the directory, or checks permissions on an existing directory, then
* checks the poisoning state of the directory, then
* poisons the directory.

When validating, only the permissions checks and the poisoning state checks
are performed (the directory is not modified).

Diffstat (limited to 'src/or/rendservice.h')
-rw-r--r-- | src/or/rendservice.h | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/or/rendservice.h b/src/or/rendservice.h index bd3fb1fdaa..3b185672f6 100644 --- a/src/or/rendservice.h +++ b/src/or/rendservice.h @@ -123,7 +123,12 @@ STATIC int rend_service_check_dir_and_add(smartlist_t *service_list, const or_options_t *options, rend_service_t *service, int validate_only); - +STATIC int rend_service_verify_single_onion_poison( + const rend_service_t *s, + const or_options_t *options); +STATIC int rend_service_poison_new_single_onion_dir( + const rend_service_t *s, + const or_options_t* options); #endif int num_rend_services(void); @@ -169,11 +174,6 @@ void rend_service_port_config_free(rend_service_port_config_t *p); void rend_authorized_client_free(rend_authorized_client_t *client); -int rend_service_list_verify_single_onion_poison( - const smartlist_t *service_list, - const or_options_t *options); -int rend_service_poison_new_single_onion_dirs(const smartlist_t *service_list); - /** Return value from rend_service_add_ephemeral. */ typedef enum { RSAE_BADAUTH = -5, /**< Invalid auth_type/auth_clients */ |
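
Review bot: in the first hunk (@@ -123,7 +123,12) the second new prototype writes `const or_options_t* options`, while the prototype added just above it and the existing rend_service_check_dir_and_add declaration use `const or_options_t *options`; put the asterisk next to the parameter name so the header stays consistent. Both new prototypes return int with no comment saying which value means "poison state mismatch" and which means success. Because the result decides whether tor refuses to start, a short doc comment on each declaration stating the return convention would make misuse in callers and tests less likely.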
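
Review bot: in the second hunk (@@ -169,11 +174,6) the two list-level prototypes are dropped from the public part of the header, but this view is limited to src/or/rendservice.h, so the call sites are not visible here. The commit message says the old checks ran from options_validate and options_act; confirm those calls are removed in the same commit and that every configured service directory still passes through rend_service_check_dir_and_add, since the replacements are STATIC, per-service, and declared ahead of the `#endif`, so nothing outside rendservice.c can invoke the poison check directly any more. Note also that the poisoning function now takes an `options` argument that the removed rend_service_poison_new_single_onion_dirs did not, so any test that called the old signature needs updating.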