author | David Goulet <dgoulet@ev0ke.net> | 2015-09-02 14:53:39 +0200 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2015-09-02 10:47:20 -0400 |
commit | 07b3028db74af246ca98c2d3a86d5efde9aa33c2 (patch) | |
tree | 36afeb232f96610861c14f5216355e9c7e0ab632 /src/or/routerset.c | |
parent | f6bd8fbb806abaf4015d8b8e08a737bc09ec63f6 (diff) | |
Prohibit the use of one entry node with an HS

In a nutshell, since a circuit can not exit at its entry point, it's very
easy for an attacker to find the hidden service guard if only one EntryNodes
is specified since for that guard, the HS will refuse to build a rendezvous
circuit to it.

For now, the best solution is to stop tor from allowing a single EntryNodes for
a hidden service.

Fixes #14917

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
Diffstat (limited to 'src/or/routerset.c')
-rw-r--r-- | src/or/routerset.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/or/routerset.c b/src/or/routerset.c index 99de11ed5e..9fe5dffdeb 100644 --- a/src/or/routerset.c +++ b/src/or/routerset.c @@ -162,6 +162,17 @@ routerset_is_empty(const routerset_t *set) return !set || smartlist_len(set->list) == 0; } +/** Return the number of entries in <b>set</b>. This does NOT return a + * negative value. */ +int +routerset_len(const routerset_t *set) +{ + if (!set) { + return 0; + } + return smartlist_len(set->list); +} + /** Helper. Return true iff <b>set</b> contains a router based on the other * provided fields. Return higher values for more specific subentries: a * single router is more specific than an address range of routers, which is |
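Review bot: The doc comment on routerset_len() should state what an "entry" is, because the function returns smartlist_len(set->list) and the context comment directly below the hunk distinguishes a single router from an address range of routers. The value is therefore the number of configured list entries, not the number of relays the set matches: one entry that is an address range counts as 1 even if it covers many relays, and two entries that name the same relay count as 2. Since the commit message says the goal is to refuse a single entry node for a hidden service, a caller comparing this count against 1 inherits that distinction, so it is worth spelling out in the comment. The comment could also say explicitly that a NULL set yields 0, which is what the `if (!set)` branch does, instead of only "This does NOT return a negative value". The diff shown is limited to src/or/routerset.c, so the prototype and the caller are not visible here and should be checked against the same points.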