From e5fc02c81c39896a31ee8bb3e26659f917322ed1 Mon Sep 17 00:00:00 2001
From: David Goulet <dgoulet@torproject.org>
Date: Wed, 5 Apr 2017 16:47:55 -0400
Subject: config: Warn if EntryNodes and HiddenService are used together

Pinning EntryNodes along with hidden services can be possibly harmful (for
instance #14917 and #21155) so at the very least warn the operator if this is
the case.

Fixes #21155

Signed-off-by: David Goulet <dgoulet@torproject.org>
---
 src/or/config.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'src/or/config.c')

diff --git a/src/or/config.c b/src/or/config.c
index 7ae40053ee..809ff499fc 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3510,6 +3510,20 @@ options_validate(or_options_t *old_options, or_options_t *options,
     return -1;
   }
 
+  /* Inform the hidden service operator that pinning EntryNodes can possibly
+   * be harmful for the service anonymity. */
+  if (options->EntryNodes &&
+      routerset_is_list(options->EntryNodes) &&
+      (options->RendConfigLines != NULL)) {
+    log_warn(LD_CONFIG,
+             "EntryNodes is set with multiple entries and at least one "
+             "hidden service is configured. Pinning entry nodes can possibly "
+             "be harmful to the service anonymity. Because of this, we "
+             "recommend you either don't do that or make sure you know what "
+             "you are doing. For more details, please look at "
+             "https://trac.torproject.org/projects/tor/ticket/21155.");
+  }
+
   /* Single Onion Services: non-anonymous hidden services */
   if (rend_service_non_anonymous_mode_enabled(options)) {
     log_warn(LD_CONFIG,
-- 
cgit v1.2.3-54-g00ecf