7 files changed, 82 insertions, 15 deletions

diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index 55b992ee28..f7ab6442b9 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -1369,7 +1369,7 @@ hs_circ_handle_introduce2(const hs_service_t *service,
 
   /* Add the rendezvous request to the priority queue if PoW defenses are
    * enabled, otherwise rendezvous as usual. */
-  if (service->config.has_pow_defenses_enabled) {
+  if (have_module_pow() && service->config.has_pow_defenses_enabled) {
     log_notice(LD_REND,
                "Adding introduction request to pqueue with effort: %u",
                data.rdv_data.pow_effort);
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 56547de7e7..6a404395ea 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -733,7 +733,8 @@ consider_sending_introduce1(origin_circuit_t *intro_circ,
 
   /* If the descriptor contains PoW parameters then the service is
    * expecting a PoW solution in the INTRODUCE cell, which we solve here. */
-  if (desc->encrypted_data.pow_params &&
+  if (have_module_pow() &&
+      desc->encrypted_data.pow_params &&
       desc->encrypted_data.pow_params->suggested_effort > 0) {
     log_debug(LD_REND, "PoW params present in descriptor.");
 
@@ -752,9 +753,11 @@ consider_sending_introduce1(origin_circuit_t *intro_circ,
 
     /* send it to the client-side pow cpuworker for solving. */
     intro_circ->hs_currently_solving_pow = 1;
-    pow_queue_work(intro_circ->global_identifier,
-                   rend_circ->global_identifier,
-                   desc->encrypted_data.pow_params);
+    if (0 != hs_pow_queue_work(intro_circ->global_identifier,
+                               rend_circ->global_identifier,
+                               desc->encrypted_data.pow_params)) {
+      log_debug(LD_REND, "Failed to enqueue PoW request");
+    }
 
     /* can't proceed with the intro1 cell yet, so yield back to the
      * main loop */
diff --git a/src/feature/hs/hs_config.c b/src/feature/hs/hs_config.c
index 0f5a8cf49a..296941138b 100644
--- a/src/feature/hs/hs_config.c
+++ b/src/feature/hs/hs_config.c
@@ -327,6 +327,12 @@ config_validate_service(const hs_service_config_t *config)
              config->pow_queue_burst, config->pow_queue_rate);
     goto invalid;
   }
+  if (config->has_pow_defenses_enabled && !have_module_pow()) {
+    log_warn(LD_CONFIG, "Hidden service proof-of-work defenses are enabled "
+                        "in our configuration but this build of tor does not "
+                        "include the required 'pow' module.");
+    goto invalid;
+  }
 
   /* Valid. */
   return 0;
diff --git a/src/feature/hs/hs_pow.c b/src/feature/hs/hs_pow.c
index 3c02a4851e..8ca121762f 100644
--- a/src/feature/hs/hs_pow.c
+++ b/src/feature/hs/hs_pow.c
@@ -410,9 +410,9 @@ pow_worker_replyfn(void *work_)
  * Queue the job of solving the pow in a worker thread.
  */
 int
-pow_queue_work(uint32_t intro_circ_identifier,
-               uint32_t rend_circ_identifier,
-               const hs_pow_desc_params_t *pow_params)
+hs_pow_queue_work(uint32_t intro_circ_identifier,
+                  uint32_t rend_circ_identifier,
+                  const hs_pow_desc_params_t *pow_params)
 {
   tor_assert(in_main_thread());
 
diff --git a/src/feature/hs/hs_pow.h b/src/feature/hs/hs_pow.h
index 92ea011b2b..b27bd7441c 100644
--- a/src/feature/hs/hs_pow.h
+++ b/src/feature/hs/hs_pow.h
@@ -127,6 +127,9 @@ typedef struct hs_pow_solution_t {
   equix_solution equix_solution;
 } hs_pow_solution_t;
 
+#ifdef HAVE_MODULE_POW
+#define have_module_pow() (1)
+
 /* API */
 int hs_pow_solve(const hs_pow_desc_params_t *pow_params,
                  hs_pow_solution_t *pow_solution_out);
@@ -137,8 +140,54 @@ int hs_pow_verify(const hs_pow_service_state_t *pow_state,
 void hs_pow_remove_seed_from_cache(uint32_t seed);
 void hs_pow_free_service_state(hs_pow_service_state_t *state);
 
-int pow_queue_work(uint32_t intro_circ_identifier,
-                   uint32_t rend_circ_identifier,
-                   const hs_pow_desc_params_t *pow_params);
+int hs_pow_queue_work(uint32_t intro_circ_identifier,
+                      uint32_t rend_circ_identifier,
+                      const hs_pow_desc_params_t *pow_params);
+
+#else /* !defined(HAVE_MODULE_POW) */
+#define have_module_pow() (0)
+
+static inline int
+hs_pow_solve(const hs_pow_desc_params_t *pow_params,
+             hs_pow_solution_t *pow_solution_out)
+{
+  (void)pow_params;
+  (void)pow_solution_out;
+  return -1;
+}
+
+static inline int
+hs_pow_verify(const hs_pow_service_state_t *pow_state,
+              const hs_pow_solution_t *pow_solution)
+{
+  (void)pow_state;
+  (void)pow_solution;
+  return -1;
+}
+
+static inline void
+hs_pow_remove_seed_from_cache(uint32_t seed)
+{
+  (void)seed;
+}
+
+static inline void
+hs_pow_free_service_state(hs_pow_service_state_t *state)
+{
+  (void)state;
+}
+
+static inline int
+hs_pow_queue_work(uint32_t intro_circ_identifier,
+                  uint32_t rend_circ_identifier,
+                  const hs_pow_desc_params_t *pow_params)
+{
+  (void)intro_circ_identifier;
+  (void)rend_circ_identifier;
+  (void)pow_params;
+  return -1;
+}
+
+#endif /* defined(HAVE_MODULE_POW) */
 
 #endif /* !defined(TOR_HS_POW_H) */
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index dd360d3659..a9070024cb 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -2899,7 +2899,7 @@ run_housekeeping_event(time_t now)
 
     /* Check if we need to initialize or update PoW parameters, if the
      * defenses are enabled. */
-    if (service->config.has_pow_defenses_enabled) {
+    if (have_module_pow() && service->config.has_pow_defenses_enabled) {
       pow_housekeeping(service, now);
     }
 
@@ -2937,8 +2937,10 @@ run_build_descriptor_event(time_t now)
    * is useful for newly built descriptors. */
   update_all_descriptors_intro_points(now);
 
-  /* Update the PoW params if needed. */
-  update_all_descriptors_pow_params(now);
+  if (have_module_pow()) {
+    /* Update the PoW params if needed. */
+    update_all_descriptors_pow_params(now);
+  }
 }
 
 /** For the given service, launch any intro point circuits that could be
diff --git a/src/feature/hs/include.am b/src/feature/hs/include.am
index f4966e6c54..b64ab1b41c 100644
--- a/src/feature/hs/include.am
+++ b/src/feature/hs/include.am
@@ -15,12 +15,19 @@ LIBTOR_APP_A_SOURCES += 				\
 	src/feature/hs/hs_intropoint.c		\
 	src/feature/hs/hs_metrics.c			\
 	src/feature/hs/hs_ob.c			\
-	src/feature/hs/hs_pow.c			\
 	src/feature/hs/hs_service.c		\
 	src/feature/hs/hs_stats.c		\
 	src/feature/hs/hs_sys.c		\
 	src/feature/hs/hs_metrics_entry.c
 
+# Proof of Work module
+MODULE_POW_SOURCES =				\
+	src/feature/hs/hs_pow.c
+
+if BUILD_MODULE_POW
+LIBTOR_APP_A_SOURCES +=	$(MODULE_POW_SOURCES)
+endif
+
 # ADD_C_FILE: INSERT HEADERS HERE.
 noinst_HEADERS +=					\
 	src/feature/hs/hs_cache.h			\