mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 21:23:58 +01:00
Max HS descriptor size is now 50kb and also consensus param.
This commit is contained in:
parent
7456677a50
commit
e1d7661412
@ -15,6 +15,7 @@
|
||||
#include "config.h"
|
||||
#include "hs_common.h"
|
||||
#include "hs_descriptor.h"
|
||||
#include "networkstatus.h"
|
||||
#include "rendcache.h"
|
||||
|
||||
/* Directory descriptor cache. Map indexed by blinded key. */
|
||||
@ -366,6 +367,18 @@ hs_cache_handle_oom(time_t now, size_t min_remove_bytes)
|
||||
return bytes_removed;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the maximum size of an HS descriptor we are willing to accept as an
|
||||
* HSDir.
|
||||
*/
|
||||
unsigned int
|
||||
hs_cache_get_max_descriptor_size(void)
|
||||
{
|
||||
return (unsigned) networkstatus_get_param(NULL,
|
||||
"HSV3MaxDescriptorSize",
|
||||
HS_DESC_MAX_LEN, 1, INT32_MAX);
|
||||
}
|
||||
|
||||
/* Initialize the hidden service cache subsystem. */
|
||||
void
|
||||
hs_cache_init(void)
|
||||
|
@ -44,6 +44,8 @@ void hs_cache_free_all(void);
|
||||
void hs_cache_clean_as_dir(time_t now);
|
||||
size_t hs_cache_handle_oom(time_t now, size_t min_remove_bytes);
|
||||
|
||||
unsigned int hs_cache_get_max_descriptor_size(void);
|
||||
|
||||
/* Store and Lookup function. They are version agnostic that is depending on
|
||||
* the requested version of the descriptor, it will be re-routed to the
|
||||
* right function. */
|
||||
|
@ -15,6 +15,7 @@
|
||||
#include "ed25519_cert.h" /* Trunnel interface. */
|
||||
#include "parsecommon.h"
|
||||
#include "rendcache.h"
|
||||
#include "hs_cache.h"
|
||||
#include "torcert.h" /* tor_cert_encode_ed22519() */
|
||||
|
||||
/* Constant string value used for the descriptor format. */
|
||||
@ -1700,8 +1701,9 @@ hs_desc_decode_plaintext(const char *encoded,
|
||||
tor_assert(encoded);
|
||||
tor_assert(plaintext);
|
||||
|
||||
/* Check that descriptor is within size limits. */
|
||||
encoded_len = strlen(encoded);
|
||||
if (encoded_len >= HS_DESC_MAX_LEN) {
|
||||
if (encoded_len >= hs_cache_get_max_descriptor_size()) {
|
||||
log_warn(LD_REND, "Service descriptor is too big (%lu bytes)",
|
||||
(unsigned long) encoded_len);
|
||||
goto err;
|
||||
|
@ -54,7 +54,7 @@
|
||||
HS_DESC_ENCRYPTED_SALT_LEN + \
|
||||
HS_DESC_PLAINTEXT_PADDING_MULTIPLE + DIGEST256_LEN
|
||||
/* Maximum length in bytes of a full hidden service descriptor. */
|
||||
#define HS_DESC_MAX_LEN 32768 // XXX justify
|
||||
#define HS_DESC_MAX_LEN 50000 /* 50kb max size */
|
||||
/* The minimum amount of fields a descriptor should contain. The parsing of
|
||||
* the fields are version specific so the only required field, as a generic
|
||||
* view of a descriptor, is 1 that is the version field. */
|
||||
|
Loading…
Reference in New Issue
Block a user