mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
hs: Republish onion descriptor on sendme_inc change
Republishing is necessary to ensure that clients connect using the correct sendme_inc upon any change. Additionally, introduction points must be re-chosen, so that cached descriptors with old values are not usable. We do not expect to change sendme_inc, unless cell size or TLS record size changes, so this should be rare. Signed-off-by: David Goulet <dgoulet@torproject.org>
parent
89f5eeefb8
commit
0eaf0e8a31
@ -16,6 +16,7 @@
|
||||
#include "core/or/circuitbuild.h"
|
||||
#include "core/or/circuitlist.h"
|
||||
#include "core/or/circuituse.h"
|
||||
#include "core/or/congestion_control_common.h"
|
||||
#include "core/or/extendinfo.h"
|
||||
#include "core/or/relay.h"
|
||||
#include "feature/client/circpathbias.h"
|
||||
@ -3690,6 +3691,34 @@ hs_service_map_has_changed(void)
|
||||
rescan_periodic_events(get_options());
|
||||
}
|
||||
|
||||
/** Called when a new consensus has arrived and has been set globally. The new
|
||||
* consensus is pointed by ns. */
|
||||
void
|
||||
hs_service_new_consensus_params(const networkstatus_t *ns)
|
||||
{
|
||||
tor_assert(ns);
|
||||
|
||||
/* This value is the new value from the consensus. */
|
||||
uint8_t current_sendme_inc = congestion_control_sendme_inc();
|
||||
|
||||
if (!hs_service_map)
|
||||
return;
|
||||
|
||||
/* Check each service and look if their descriptor contains a different
|
||||
* sendme increment. If so, nuke all intro points by forcing an expiration
|
||||
* which will lead to rebuild and reupload with the new value. */
|
||||
FOR_EACH_SERVICE_BEGIN(service) {
|
||||
FOR_EACH_DESCRIPTOR_BEGIN(service, desc) {
|
||||
if (desc->desc &&
|
||||
desc->desc->encrypted_data.sendme_inc != current_sendme_inc) {
|
||||
/* Passing the maximum time_t will force expiration of all intro points
|
||||
* and thus will lead to a rebuild of the descriptor. */
|
||||
cleanup_intro_points(service, LONG_MAX);
|
||||
}
|
||||
} FOR_EACH_DESCRIPTOR_END;
|
||||
} FOR_EACH_SERVICE_END;
|
||||
}
|
||||
|
||||
/** Upload an encoded descriptor in encoded_desc of the given version. This
|
||||
* descriptor is for the service identity_pk and blinded_pk used to setup the
|
||||
* directory connection identifier. It is uploaded to the directory hsdir_rs
|
||||
|
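Review bot: `cleanup_intro_points(service, LONG_MAX)` is commented as passing the maximum time_t, but `LONG_MAX` only equals that where `long` and `time_t` have the same width; with a 32-bit `long` and a 64-bit `time_t` it is a date in January 2038, not "forever". If Tor's `TIME_MAX` is in scope in this file, `cleanup_intro_points(service, TIME_MAX);` would match the comment. The call also sits inside the descriptor loop although it takes only the service, so it can run once per descriptor for the same service. Nothing is logged when the branch fires, so an operator sees every intro point rotate at once with no stated cause; a line such as `log_info(LD_REND, "sendme_inc changed in consensus; expiring intro points to force descriptor rebuild");` before the call would make the event traceable.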
@ -355,6 +355,7 @@ smartlist_t *hs_service_get_metrics_stores(void);
|
||||
|
||||
void hs_service_map_has_changed(void);
|
||||
void hs_service_dir_info_changed(void);
|
||||
void hs_service_new_consensus_params(const networkstatus_t *ns);
|
||||
void hs_service_run_scheduled_events(time_t now);
|
||||
void hs_service_circuit_has_opened(origin_circuit_t *circ);
|
||||
int hs_service_receive_intro_established(origin_circuit_t *circ,
|
||||
|
@ -1704,6 +1704,7 @@ notify_after_networkstatus_changes(void)
|
||||
router_new_consensus_params(c);
|
||||
congestion_control_new_consensus_params(c);
|
||||
flow_control_new_consensus_params(c);
|
||||
hs_service_new_consensus_params(c);
|
||||
|
||||
/* Maintenance of our L2 guard list */
|
||||
maintain_layer2_guards();
|
||||
|
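Review bot: The new `hs_service_new_consensus_params(c)` call only works if it runs after `congestion_control_new_consensus_params(c)`, and nothing at this call site records that ordering. As shown in the service-side hunk, the function asserts `ns` but never reads it, and compares descriptors against `congestion_control_sendme_inc()` instead. If the two calls were ever reordered, the comparison would presumably use the value from the previous consensus, and services would keep serving descriptors with a stale sendme_inc. I would add a comment above the call, e.g. `/* Must run after congestion_control_new_consensus_params(): reads the updated sendme_inc. */`. The body of notify_after_networkstatus_changes() starts and ends outside this hunk.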