From 6785f0b65a106561a36239d89140bf18be3d7c6c Mon Sep 17 00:00:00 2001 From: David Goulet Date: Mon, 11 May 2015 11:27:30 -0400 Subject: [PATCH] HSDir flag now requires the Stable flag Fixes #8243 --- changes/ticket8243 | 7 +++++++ src/or/dirserv.c | 6 ++++-- 2 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 changes/ticket8243 diff --git a/changes/ticket8243 b/changes/ticket8243 new file mode 100644 index 0000000000..8946a21a59 --- /dev/null +++ b/changes/ticket8243 @@ -0,0 +1,7 @@ + o Minor feature: + - The HSDir flag given by authorities now requires the Stable flag. For + the current network, this results in going from 2887 to 2806 HSDirs. + Also, it makes it harder for an attacker to launch a sybil attack by + raising the effort for a relay to become Stable which takes at the + very least 7 days to do so and by keeping the 96 hours uptime + requirement for HSDir. Implements ticket #8243. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index a024be8342..65bfafba6c 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1278,8 +1278,9 @@ dirserv_thinks_router_is_unreliable(time_t now, } /** Return true iff router should be assigned the "HSDir" flag. - * Right now this means it advertises support for it, it has a high - * uptime, it has a DirPort open, and it's currently considered Running. + * Right now this means it advertises support for it, it has a high uptime, + * it has a DirPort open, it has the Stable flag and it's currently + * considered Running. * * This function needs to be called after router-\>is_running has * been set. @@ -1306,6 +1307,7 @@ dirserv_thinks_router_is_hs_dir(const routerinfo_t *router, uptime = real_uptime(router, now); return (router->wants_to_be_hs_dir && router->dir_port && + node->is_stable && uptime >= get_options()->MinUptimeHidServDirectoryV2 && router_is_active(router, node, now)); }