allow suggested effort to be 0

First (both client and service), make descriptor parsing not fail when suggested_effort is 0. Second (client side), if we get a descriptor with a pow_params section but with suggested_effort of 0, treat it as not requiring a pow. Third (service side), when deciding whether the suggested effort has changed, don't treat "previous suggested effort 0, new suggested effort 0" as a change. An alternative design to resolve 'first' and 'second' above would be to omit the pow_params from the descriptor when suggested_effort is 0, so clients never see the pow_params so they don't compute a pow. But I decided to include a pow_params with an explicit suggested_effort of 0, since this way the client knows the seed etc so they can solve a higher-effort pow if they want. The tradeoff is that the descriptor reveals whether HiddenServicePoWDefensesEnabled is set to 1 for this onion service, even if the AIMD calculation is currently requiring effort 0.
2024-11-30 15:43:32 +01:00 · 2022-09-04 06:48:28 -04:00 · 2022-09-04 06:48:28 -04:00 · 0716cd7cb2
commit 0716cd7cb2
parent d36144ba31
3 changed files with 7 additions and 6 deletions
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@ -675,7 +675,8 @@ send_introduce1(origin_circuit_t *intro_circ,
  /* If the descriptor contains PoW parameters then the service is
   * expecting a PoW solution in the INTRODUCE cell, which we solve here. */
-  if (desc->encrypted_data.pow_params) {
+  if (desc->encrypted_data.pow_params &&
      desc->encrypted_data.pow_params->suggested_effort > 0) {
    log_debug(LD_REND, "PoW params present in descriptor.");
    pow_solution = tor_malloc_zero(sizeof(hs_pow_solution_t));
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@ -2129,7 +2129,7 @@ decode_pow_params(const directory_token_t *tok,
  int ok;
  unsigned long effort =
-      tor_parse_ulong(tok->args[2], 10, 1, UINT32_MAX, &ok, NULL);
+      tor_parse_ulong(tok->args[2], 10, 0, UINT32_MAX, &ok, NULL);
  if (!ok) {
    log_warn(LD_REND, "Unparseable suggested effort %s in PoW params",
             escaped(tok->args[2]));
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@ -2464,16 +2464,16 @@ update_all_descriptors_pow_params(time_t now)
      /* Services SHOULD NOT upload a new descriptor if the suggested
       * effort value changes by less than 15 percent. */
      previous_effort = encrypted->pow_params->suggested_effort;
-      if (pow_state->suggested_effort <= previous_effort * 0.85 ||
+      if (pow_state->suggested_effort < previous_effort * 0.85 ||
-          previous_effort * 1.15 <= pow_state->suggested_effort) {
+          previous_effort * 1.15 < pow_state->suggested_effort) {
        log_info(LD_REND, "Suggested effort changed significantly, "
                          "updating descriptors...");
        encrypted->pow_params->suggested_effort = pow_state->suggested_effort;
        descs_updated = 1;
      } else if (previous_effort != pow_state->suggested_effort) {
        /* The change in suggested effort was not significant enough to
-        warrant updating the descriptors, return 0 to reflect they are
+         * warrant updating the descriptors, return 0 to reflect they are
-        unchanged. */
+         * unchanged. */
        log_info(LD_REND, "Change in suggested effort didn't warrant "
                          "updating descriptors.");
      }