diff --git a/changes/bug4862 b/changes/bug4862
new file mode 100644
index 0000000000..e636395be3
--- /dev/null
+++ b/changes/bug4862
@@ -0,0 +1,8 @@
+ o Major feature (Hidden Service):
+ - Remove the introduction point adaptative algorithm which is leaking
+ popularity by changing the amount of introduction points depending on
+ the amount of traffic the HS sees. With this, we stick to only 3
+ introduction points.
+ - Add the torrc option HiddenServiceNumIntroductionPoints for an
+ operatory to specify a fix amount of introduction points. Maximum
+ value is 10 and default is 3.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index e7c08f5046..6cfad56f08 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2177,6 +2177,10 @@ The following options are used to configure a hidden service.
 only owner is able to read the hidden service directory. (Default: 0)
 Has no effect on Windows.
+[[HiddenServiceNumIntroductionPoints]] **HiddenServiceNumIntroductionPoints** __NUM__::
+ Number of introduction points the hidden service will have. You can't
+ have more than 10. (Default: 3)
+
 TESTING NETWORK OPTIONS
 -----------------------
diff --git a/src/or/config.c b/src/or/config.c
index d81bc532b7..0d6c3003ff 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -288,6 +288,7 @@ static config_var_t option_vars_[] = {
 VAR("HiddenServiceAllowUnknownPorts",LINELIST_S, RendConfigLines, NULL),
 VAR("HiddenServiceMaxStreams",LINELIST_S, RendConfigLines, NULL),
 VAR("HiddenServiceMaxStreamsCloseCircuit",LINELIST_S, RendConfigLines, NULL),
+ VAR("HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL),
 V(HiddenServiceStatistics, BOOL, "0"),
 V(HidServAuth, LINELIST, NULL),
 V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index a1c7af6d17..aed01db693 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -87,6 +87,8 @@ struct rend_service_port_config_s {
 /** Try to maintain this many intro points per service by default. */
 #define NUM_INTRO_POINTS_DEFAULT 3
+/** Maximum number of intro points per service. */
+#define NUM_INTRO_POINTS_MAX 10
 /** If we can't build our intro circuits, don't retry for this long. */
 #define INTRO_CIRC_RETRY_PERIOD (60*5)
@@ -577,7 +579,22 @@ rend_config_services(const or_options_t *options, int validate_only)
 log_info(LD_CONFIG, "HiddenServiceMaxStreamsCloseCircuit=%d for %s", (int)service->max_streams_close_circuit, service->directory);
-
+ } else if (!strcasecmp(line->key, "HiddenServiceNumIntroductionPoints")) {
+ service->n_intro_points_wanted =
+ (unsigned int) tor_parse_long(line->value, 10,
+ NUM_INTRO_POINTS_DEFAULT,
+ NUM_INTRO_POINTS_MAX, &ok, NULL);
+ if (!ok) {
+ log_warn(LD_CONFIG,
+ "HiddenServiceNumIntroductionPoints "
+ "should be between %d and %d, not %s",
+ NUM_INTRO_POINTS_DEFAULT, NUM_INTRO_POINTS_MAX,
+ line->value);
+ rend_service_free(service);
+ return -1;
+ }
+ log_info(LD_CONFIG, "HiddenServiceNumIntroductionPoints=%d for %s",
+ service->n_intro_points_wanted, service->directory);
 } else if (!strcasecmp(line->key, "HiddenServiceAuthorizeClient")) {
 /* Parse auth type and comma-separated list of client names and add a
 * rend_authorized_client_t for each client to the service's list
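Review bot: The lower bound passed to `tor_parse_long()` in the new `HiddenServiceNumIntroductionPoints` branch is `NUM_INTRO_POINTS_DEFAULT`, so the smallest value an operator may set is silently tied to the default and would move if the default ever changes; a separate constant beside `NUM_INTRO_POINTS_MAX` in the first hunk, e.g. `#define NUM_INTRO_POINTS_MIN 3`, used in both the parse call and the warning, would keep the two meanings apart. The man page entry added by this commit states only the upper limit of 10, so the effective minimum of 3 should be documented there too. The `log_info` line prints `service->n_intro_points_wanted` with `%d` although the value is stored through an `(unsigned int)` cast; if the field is unsigned, `%u` is the matching specifier. Because the commit exists to stop the intro point count from revealing popularity, a short comment on this branch (and in the option's documentation) noting that a non-default count is presumably still observable in the published descriptor, and so distinguishes the service from those running the default, would help operators choose a value deliberately. `rend_config_services()` starts and ends outside the hunk.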