Merge remote-tracking branch 'origin/maint-0.2.4'

5 files changed, 32 insertions, 16 deletions

diff --git a/src/or/config.c b/src/or/config.c
index 335d36808b..79234aabc7 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -393,6 +393,7 @@ static config_var_t option_vars_[] = {
   V(SSLKeyLifetime,              INTERVAL, "0"),
   OBSOLETE("StatusFetchPeriod"),
   V(StrictNodes,                 BOOL,     "0"),
+  V(Support022HiddenServices,    AUTOBOOL, "auto"),
   OBSOLETE("SysLog"),
   V(TestSocks,                   BOOL,     "0"),
   OBSOLETE("TestVia"),
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 120f732ce6..637ee4dd35 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -2121,8 +2121,9 @@ connection_or_send_netinfo(or_connection_t *conn)
   memset(&cell, 0, sizeof(cell_t));
   cell.command = CELL_NETINFO;
 
-  /* Timestamp. */
-  set_uint32(cell.payload, htonl((uint32_t)now));
+  /* Timestamp, if we're a relay. */
+  if (! conn->handshake_state->started_here)
+    set_uint32(cell.payload, htonl((uint32_t)now));
 
   /* Their address. */
   out = cell.payload + 4;
@@ -2356,19 +2357,11 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
   if (server)
     return V3_AUTH_FIXED_PART_LEN; // ptr-out
 
-  /* Time: 8 octets. */
-  {
-    uint64_t now = time(NULL);
-    if ((time_t)now < 0)
-      return -1;
-    set_uint32(ptr, htonl((uint32_t)(now>>32)));
-    set_uint32(ptr+4, htonl((uint32_t)now));
-    ptr += 8;
-  }
-
-  /* Nonce: 16 octets. */
-  crypto_rand((char*)ptr, 16);
-  ptr += 16;
+  /* 8 octets were reserved for the current time, but we're trying to get out
+   * of the habit of sending time around willynilly.  Fortunately, nothing
+   * checks it.  That's followed by 16 bytes of nonce. */
+  crypto_rand((char*)ptr, 24);
+  ptr += 24;
 
   tor_assert(ptr - out == V3_AUTH_BODY_LEN);
 
diff --git a/src/or/or.h b/src/or/or.h
index bd038f783c..adb4adf112 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4219,6 +4219,9 @@ typedef struct {
 
   /** How long (seconds) do we keep a guard before picking a new one? */
   int GuardLifetime;
+
+  /** Should we send the timestamps that pre-023 hidden services want? */
+  int Support022HiddenServices;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 8b8c0e5055..b1d4bf31df 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -16,6 +16,7 @@
 #include "connection_edge.h"
 #include "directory.h"
 #include "main.h"
+#include "networkstatus.h"
 #include "nodelist.h"
 #include "relay.h"
 #include "rendclient.h"
@@ -127,6 +128,16 @@ rend_client_reextend_intro_circuit(origin_circuit_t *circ)
   return result;
 }
 
+/** Return true iff we should send timestamps in our INTRODUCE1 cells */
+static int
+rend_client_should_send_timestamp(void)
+{
+  if (get_options()->Support022HiddenServices >= 0)
+    return get_options()->Support022HiddenServices;
+
+  return networkstatus_get_param(NULL, "Support022HiddenServices", 1, 0, 1);
+}
+
 /** Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell
  * down introcirc if possible.
  */
@@ -238,7 +249,14 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
              REND_DESC_COOKIE_LEN);
       v3_shift += 2+REND_DESC_COOKIE_LEN;
     }
-    set_uint32(tmp+v3_shift+1, htonl((uint32_t)time(NULL)));
+    if (rend_client_should_send_timestamp()) {
+      time_t now = (uint32_t)time(NULL);
+      now += 300;
+      now -= now % 600;
+      set_uint32(tmp+v3_shift+1, htonl(now));
+    } else {
+      set_uint32(tmp+v3_shift+1, 0);
+    }
     v3_shift += 4;
   } /* if version 2 only write version number */
   else if (entry->parsed->protocols & (1<<2)) {
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 730e47f5cd..0c52552f67 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -593,6 +593,7 @@ rend_service_update_descriptor(rend_service_t *service)
   d = service->desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
   d->pk = crypto_pk_dup_key(service->private_key);
   d->timestamp = time(NULL);
+  d->timestamp -= d->timestamp % 3600; /* Round down to nearest hour */
   d->intro_nodes = smartlist_new();
   /* Support intro protocols 2 and 3. */
   d->protocols = (1 << 2) + (1 << 3);