1 files changed, 21 insertions, 6 deletions

diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 83a7543c39..9b1f737917 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1683,12 +1683,27 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
       if (conn->rend_data->auth_type == REND_NO_AUTH)
         rend_client_refetch_renddesc(conn->rend_data->onion_address);
     } else { /* r > 0 */
-      conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT;
-      log_info(LD_REND, "Descriptor is here and fresh enough. Great.");
-      if (connection_ap_handshake_attach_circuit(conn) < 0) {
-        if (!conn->_base.marked_for_close)
-          connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH);
-        return -1;
+/** How long after we receive a hidden service descriptor do we consider
+ * it valid? */
+#define NUM_SECONDS_BEFORE_HS_REFETCH (60*15)
+      if (now - entry->received < NUM_SECONDS_BEFORE_HS_REFETCH) {
+        conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT;
+        log_info(LD_REND, "Descriptor is here and fresh enough. Great.");
+        if (connection_ap_handshake_attach_circuit(conn) < 0) {
+          if (!conn->_base.marked_for_close)
+            connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH);
+          return -1;
+        }
+      } else {
+        conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
+        log_info(LD_REND, "Stale descriptor %s. Re-fetching.",
+                 safe_str(conn->rend_data->onion_address));
+        /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever
+         * arrives first. Exception: When using client authorization, only
+         * fetch v2 descriptors.*/
+        rend_client_refetch_v2_renddesc(conn->rend_data);
+        if (conn->rend_data->auth_type == REND_NO_AUTH)
+          rend_client_refetch_renddesc(conn->rend_data->onion_address);
       }
     }
     return 0;