From 827bd0e8827e10d1fe14c04b3d605b2278e3001e Mon Sep 17 00:00:00 2001
From: George Kadianakis <desnacked@riseup.net>
Date: Sun, 6 Aug 2017 22:24:07 +0300
Subject: Increase HS desc cert lifetime.

We used to have a small HS desc cert lifetime but those certs can stick
around for 36 hours if they get initialized in the beginning of overlap
period.

[warn] Bug: Non-fatal assertion !(hs_desc_encode_descriptor(desc->desc, &desc->signing_kp, &encoded_desc) < 0) failed in
upload_descriptor_to_hsdir at src/or/hs_service.c:1886. Stack trace: (on Tor 0.3.2.0-alpha-dev b4a14555597fb9b3)
---
 src/or/hs_descriptor.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/hs_descriptor.h b/src/or/hs_descriptor.h
index d9c632b589..fa211d3917 100644
--- a/src/or/hs_descriptor.h
+++ b/src/or/hs_descriptor.h
@@ -31,7 +31,7 @@
 #define HS_DESC_MAX_LIFETIME (12 * 60 * 60)
 /* Lifetime of certificate in the descriptor. This defines the lifetime of the
  * descriptor signing key and the cross certification cert of that key. */
-#define HS_DESC_CERT_LIFETIME (24 * 60 * 60)
+#define HS_DESC_CERT_LIFETIME (36 * 60 * 60)
 /* Length of the salt needed for the encrypted section of a descriptor. */
 #define HS_DESC_ENCRYPTED_SALT_LEN 16
 /* Length of the secret input needed for the KDF construction which derives
-- 
cgit v1.2.3-54-g00ecf