- tor-commits - lists.torproject.org

[tor/release-0.2.2] Forget all rendezvous client state on SIGNAL NEWNYM
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit 440e48ddf27094e48c401c68c9014eca43b6867e Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Wed Apr 20 02:27:58 2011 -0700 Forget all rendezvous client state on SIGNAL NEWNYM --- changes/forget-rend-descs-on-newnym | 5 ++++ src/or/main.c | 2 + src/or/or.h | 2 + src/or/rendclient.c | 37 +++++++++++++++++++++++++++++++++++ src/or/rendcommon.c | 10 +++++++++ 5 files changed, 56 insertions(+), 0 deletions(-) diff --git a/changes/forget-rend-descs-on-newnym b/changes/forget-rend-descs-on-newnym new file mode 100644 index 0000000..c086973 --- /dev/null +++ b/changes/forget-rend-descs-on-newnym @@ -0,0 +1,5 @@ + o Security fixes: + - Forget all hidden service descriptors cached as a client when + processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on + 0.0.6. + diff --git a/src/or/main.c b/src/or/main.c index 96b7b45..e44fd49 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -785,6 +785,8 @@ signewnym_impl(time_t now) { circuit_expire_all_dirty_circs(); addressmap_clear_transient(); + rend_cache_purge(); + rend_client_cancel_descriptor_fetches(); time_of_last_signewnym = now; signewnym_is_pending = 0; } diff --git a/src/or/or.h b/src/or/or.h index 57e091e..897ad32 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4039,6 +4039,7 @@ int rend_client_introduction_acked(origin_circuit_t *circ, size_t request_len); void rend_client_refetch_renddesc(const char *query); void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query); +void rend_client_cancel_descriptor_fetches(void); int rend_client_remove_intro_point(extend_info_t *failed_intro, const rend_data_t *rend_query); int rend_client_rendezvous_acked(origin_circuit_t *circ, @@ -4137,6 +4138,7 @@ typedef struct rend_cache_entry_t { void rend_cache_init(void); void rend_cache_clean(void); void rend_cache_clean_v2_descs_as_dir(void); +void rend_cache_purge(void); void rend_cache_free_all(void); int rend_valid_service_id(const char *query); int rend_cache_lookup_desc(const char *query, int version, const char **desc, diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 51306b3..37cca14 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -557,8 +557,45 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query) return; } +/** Cancel all rendezvous descriptor fetches currently in progress. + */ +void +rend_client_cancel_descriptor_fetches(void) +{ + smartlist_t *connection_array = get_connection_array(); + + SMARTLIST_FOREACH_BEGIN(connection_array, connection_t *, conn) { + if (conn->type == CONN_TYPE_DIR && + (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC || + conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2)) { + /* It's a rendezvous descriptor fetch in progress -- cancel it + * by marking the connection for close. + * + * Even if this connection has already reached EOF, this is + * enough to make sure that if the descriptor hasn't been + * processed yet, it won't be. See the end of + * connection_handle_read; connection_reached_eof (indirectly) + * processes whatever response the connection received. */ + + const rend_data_t *rd = (TO_DIR_CONN(conn))->rend_data; + if (!rd) { + log_warn(LD_BUG | LD_REND, + "Marking for close dir conn fetching rendezvous " + "descriptor for unknown service!"); + } else { + log_debug(LD_REND, "Marking for close dir conn fetching v%d " + "rendezvous descriptor for service %s", + (int)(rd->rend_desc_version), + safe_str(rd->onion_address)); + } + connection_mark_for_close(conn); + } + } SMARTLIST_FOREACH_END(conn); +} + /** Remove failed_intro from ent. If ent now has no intro points, or * service is unrecognized, then launch a new renddesc fetch. + * * Return -1 if error, 0 if no intro points remain or service * unrecognized, 1 if recognized and some intro points remain. diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index d6f5443..ba28cca 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -871,6 +871,16 @@ rend_cache_clean(void) } } +/** Remove ALL entries from the rendezvous service descriptor cache. + */ +void +rend_cache_purge(void) +{ + if (rend_cache) + strmap_free(rend_cache, _rend_cache_entry_free); + rend_cache = strmap_new(); +} + /** Remove all old v2 descriptors and those for which this hidden service * directory is not responsible for any more. */ void

1 0

[tor/release-0.2.2] Fix a bug introduced by purging rend_cache on NEWNYM
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit f1cf9bd74d225e90ca123eb664c1c5538eedaa03 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Mon Apr 25 06:38:35 2011 -0700 Fix a bug introduced by purging rend_cache on NEWNYM If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous descriptor, while we were building the introduction-point circuit, we would give up entirely on trying to connect to the hidden service. Original patch by rransom slightly edited to go into 0.2.1 --- src/or/rendclient.c | 25 +++++++++++++++++++++---- 1 files changed, 21 insertions(+), 4 deletions(-) diff --git a/src/or/rendclient.c b/src/or/rendclient.c index ca846d9..fb95efb 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -74,10 +74,27 @@ rend_client_send_introduction(origin_circuit_t *introcirc, if (rend_cache_lookup_entry(introcirc->rend_data->onion_address, -1, &entry) < 1) { - log_warn(LD_REND, - "query %s didn't have valid rend desc in cache. Failing.", - escaped_safe_str(introcirc->rend_data->onion_address)); - goto perm_err; + log_info(LD_REND, + "query %s didn't have valid rend desc in cache. " + "Refetching descriptor.", + safe_str(introcirc->rend_data->onion_address)); + /* Fetch both v0 and v2 rend descriptors in parallel. Use whichever + * arrives first. Exception: When using client authorization, only + * fetch v2 descriptors.*/ + rend_client_refetch_v2_renddesc(introcirc->rend_data); + if (introcirc->rend_data->auth_type == REND_NO_AUTH) + rend_client_refetch_renddesc(introcirc->rend_data->onion_address); + { + connection_t *conn; + + while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP, + AP_CONN_STATE_CIRCUIT_WAIT, + introcirc->rend_data->onion_address, -1))) { + conn->state = AP_CONN_STATE_RENDDESC_WAIT; + } + } + + return -1; } /* first 20 bytes of payload are the hash of Bob's pk */

1 0

[tor/release-0.2.2] Fix a failure case of connection_ap_handshake_attach_circuit()
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit 8a36f2125137dc31a0771a8eeac0f2bb8c1343d0 Author: Sebastian Hahn <sebastian(a)torproject.org> Date: Thu Apr 28 01:48:25 2011 +0200 Fix a failure case of connection_ap_handshake_attach_circuit() tor_fragile_assert() might be a no-op, so we have to return something here to indicate failure to the caller. --- src/or/circuituse.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 247aca7..6a9c397 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1573,6 +1573,7 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn) return -1; default: /* oops */ tor_fragile_assert(); + return -1; } } }

1 0

[tor/release-0.2.2] Allow rend_client_send_introduction to fail transiently
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit 2ad18ae7366ce4979b44fa53d0105940005489c0 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Mon Apr 25 08:36:02 2011 -0700 Allow rend_client_send_introduction to fail transiently i.e. without closing the AP connection. --- changes/forget-rend-descs-on-newnym | 4 ++++ src/or/circuituse.c | 18 ++++++++++++------ src/or/rendclient.c | 20 ++++++++++---------- 3 files changed, 26 insertions(+), 16 deletions(-) diff --git a/changes/forget-rend-descs-on-newnym b/changes/forget-rend-descs-on-newnym index c086973..ab2fd61 100644 --- a/changes/forget-rend-descs-on-newnym +++ b/changes/forget-rend-descs-on-newnym @@ -2,4 +2,8 @@ - Forget all hidden service descriptors cached as a client when processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on 0.0.6. + o Code simplifications and refactoring: + - Allow rend_client_send_introduction to fail without closing the + AP connection permanently. + diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 996c99c..247aca7 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1560,14 +1560,20 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn) "introduction. (stream %d sec old)", introcirc->_base.n_circ_id, rendcirc->_base.n_circ_id, conn_age); - if (rend_client_send_introduction(introcirc, rendcirc) < 0) { + switch (rend_client_send_introduction(introcirc, rendcirc)) { + case 0: /* success */ + rendcirc->_base.timestamp_dirty = time(NULL); + introcirc->_base.timestamp_dirty = time(NULL); + assert_circuit_ok(TO_CIRCUIT(rendcirc)); + assert_circuit_ok(TO_CIRCUIT(introcirc)); + return 0; + case -1: /* transient error */ + return 0; + case -2: /* permanent error */ return -1; + default: /* oops */ + tor_fragile_assert(); } - rendcirc->_base.timestamp_dirty = time(NULL); - introcirc->_base.timestamp_dirty = time(NULL); - assert_circuit_ok(TO_CIRCUIT(rendcirc)); - assert_circuit_ok(TO_CIRCUIT(introcirc)); - return 0; } } diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 37cca14..ca846d9 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -77,7 +77,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, log_warn(LD_REND, "query %s didn't have valid rend desc in cache. Failing.", escaped_safe_str(introcirc->rend_data->onion_address)); - goto err; + goto perm_err; } /* first 20 bytes of payload are the hash of Bob's pk */ @@ -115,13 +115,13 @@ rend_client_send_introduction(origin_circuit_t *introcirc, log_info(LD_REND, "Internal error: could not find intro key; we " "only have a v2 rend desc with %d intro points.", num_intro_points); - goto err; + goto perm_err; } } } if (crypto_pk_get_digest(intro_key, payload)<0) { log_warn(LD_BUG, "Internal error: couldn't hash public key."); - goto err; + goto perm_err; } /* Initialize the pending_final_cpath and start the DH handshake. */ @@ -132,11 +132,11 @@ rend_client_send_introduction(origin_circuit_t *introcirc, cpath->magic = CRYPT_PATH_MAGIC; if (!(cpath->dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) { log_warn(LD_BUG, "Internal error: couldn't allocate DH."); - goto err; + goto perm_err; } if (crypto_dh_generate_public(cpath->dh_handshake_state)<0) { log_warn(LD_BUG, "Internal error: couldn't generate g^x."); - goto err; + goto perm_err; } } @@ -186,7 +186,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, if (crypto_dh_get_public(cpath->dh_handshake_state, tmp+dh_offset, DH_KEY_LEN)<0) { log_warn(LD_BUG, "Internal error: couldn't extract g^x."); - goto err; + goto perm_err; } note_crypto_pk_op(REND_CLIENT); @@ -199,7 +199,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, PK_PKCS1_OAEP_PADDING, 0); if (r<0) { log_warn(LD_BUG,"Internal error: hybrid pk encrypt failed."); - goto err; + goto perm_err; } payload_len = DIGEST_LEN + r; @@ -212,17 +212,17 @@ rend_client_send_introduction(origin_circuit_t *introcirc, introcirc->cpath->prev)<0) { /* introcirc is already marked for close. leave rendcirc alone. */ log_warn(LD_BUG, "Couldn't send INTRODUCE1 cell"); - return -1; + return -2; } /* Now, we wait for an ACK or NAK on this circuit. */ introcirc->_base.purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT; return 0; -err: +perm_err: circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL); circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL); - return -1; + return -2; } /** Called when a rendezvous circuit is open; sends a establish

1 0

[tor/release-0.2.2] Don't report empty bw-history lines in extrainfo
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit c1927d7d5f5dff5b8d7da5bd4e7a743eb06bcbb3 Author: Sebastian Hahn <sebastian(a)torproject.org> Date: Sat Apr 16 16:01:36 2011 +0200 Don't report empty bw-history lines in extrainfo Some tor relays would report lines like these in their extrainfo documents: dirreq-write-history 2011-03-14 16:46:44 (900 s) This was confusing to some people who look at the stats. It would happen whenever a relay first starts up, or when a relay has dirport disabled. Change this so that lines without actual bw entries are omitted. Implements ticket 2497. --- changes/ticket2497 | 4 ++++ src/or/rephist.c | 14 ++++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/ticket2497 b/changes/ticket2497 new file mode 100644 index 0000000..5117141 --- /dev/null +++ b/changes/ticket2497 @@ -0,0 +1,4 @@ + o Minor features: + - Ensure that no empty [dirreq-](read|write)-history lines are added + to an extrainfo document. Implements ticket 2497. + diff --git a/src/or/rephist.c b/src/or/rephist.c index 9b7eefe..b55797a 100644 --- a/src/or/rephist.c +++ b/src/or/rephist.c @@ -1524,10 +1524,15 @@ rep_hist_get_bandwidth_lines(void) size_t len; /* opt [dirreq-](read|write)-history yyyy-mm-dd HH:MM:SS (n s) n,n,n... */ - len = (67+21*NUM_TOTALS)*4; +/* The n,n,n part above. Largest representation of a uint64_t is 20 chars + * long, plus the comma. */ +#define MAX_HIST_VALUE_LEN 21*NUM_TOTALS + len = (67+MAX_HIST_VALUE_LEN)*4; buf = tor_malloc_zero(len); cp = buf; for (r=0;r<4;++r) { + char tmp[MAX_HIST_VALUE_LEN]; + size_t slen; switch (r) { case 0: b = write_array; @@ -1547,11 +1552,16 @@ rep_hist_get_bandwidth_lines(void) break; } tor_assert(b); + slen = rep_hist_fill_bandwidth_history(tmp, MAX_HIST_VALUE_LEN, b); + /* If we don't have anything to write, skip to the next entry. */ + if (slen == 0) + continue; format_iso_time(t, b->next_period-NUM_SECS_BW_SUM_INTERVAL); tor_snprintf(cp, len-(cp-buf), "%s %s (%d s) ", desc, t, NUM_SECS_BW_SUM_INTERVAL); cp += strlen(cp); - cp += rep_hist_fill_bandwidth_history(cp, len-(cp-buf), b); + strlcat(cp, tmp, len-(cp-buf)); + cp += slen; strlcat(cp, "\n", len-(cp-buf)); ++cp; }

1 0

[tor/release-0.2.2] Add an XXX to the DA code regarding bug 2722
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit 134da2fbcf865418863bda8d4c479a20f6f6651d Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Mon Apr 18 12:00:48 2011 -0700 Add an XXX to the DA code regarding bug 2722 --- src/or/dirserv.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index f65f258..525524c 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1811,6 +1811,8 @@ dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now) * bug 1693. In the future, once relays set wants_to_be_hs_dir * correctly, we can revert to only checking dir_port if router's * version is too old. */ + /* XXX Unfortunately, we need to keep checking dir_port until all + * *clients* suffering from bug 2722 are obsolete. */ return (router->wants_to_be_hs_dir && router->dir_port && uptime > get_options()->MinUptimeHidServDirectoryV2 && router->is_running);

1 0

[tor/release-0.2.2] Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit 43ffd023e9267927539dc9c12bee86199cd1c800 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Apr 26 13:00:46 2011 -0400 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475. --- changes/bug2475 | 5 +++++ src/common/crypto.c | 2 +- src/common/torint.h | 4 +++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/changes/bug2475 b/changes/bug2475 new file mode 100644 index 0000000..d6f0595 --- /dev/null +++ b/changes/bug2475 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. + (None of the cases where we did this before were wrong, but by making + this change we can avoid warnings.) Fixes bug2475; bugfix on + Tor 0.2.1.28. diff --git a/src/common/crypto.c b/src/common/crypto.c index 48c8dea..838347e 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -452,7 +452,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env, tor_assert(env); tor_assert(s); - tor_assert(len < INT_MAX && len < SIZE_T_CEILING); + tor_assert(len < INT_MAX && len < SSIZE_T_CEILING); /* Create a read-only memory BIO, backed by the string 's' */ b = BIO_new_mem_buf((char*)s, (int)len); diff --git a/src/common/torint.h b/src/common/torint.h index 2a9fba6..d489684 100644 --- a/src/common/torint.h +++ b/src/common/torint.h @@ -330,8 +330,10 @@ typedef uint32_t uintptr_t; #endif #endif +/* Any ssize_t larger than this amount is likely to be an underflow. */ +#define SSIZE_T_CEILING ((ssize_t)(SSIZE_T_MAX-16)) /* Any size_t larger than this amount is likely to be an underflow. */ -#define SIZE_T_CEILING (SSIZE_T_MAX-16) +#define SIZE_T_CEILING ((size_t)(SSIZE_T_MAX-16)) #endif /* __TORINT_H */

1 0

[tor/release-0.2.2] Fix clear_trackhostexits_mapping() to actually work as advertised
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit 34510f9278675e6e041503e425ca19a1fa0f3616 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Apr 27 17:21:41 2011 -0400 Fix clear_trackhostexits_mapping() to actually work as advertised Previously, it would remove every trackhostexits-derived mapping *from* xyz.<exitname>.exit; it was supposed to remove every trackhostexits-derived mapping *to* xyz.<exitname>.exit. Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090 issues. --- changes/clear_trackexithost | 5 +++++ src/or/connection_edge.c | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/changes/clear_trackexithost b/changes/clear_trackexithost new file mode 100644 index 0000000..701d369 --- /dev/null +++ b/changes/clear_trackexithost @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a bug in the code where we could keep trying to use a + TrackHostExits-based mapping after we failed to reach the intended + destination node. Bugfix on 0.2.0.20-rc. + diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 082cd5f..2c1196c 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -799,8 +799,8 @@ clear_trackexithost_mappings(const char *exitname) tor_strlower(suffix); STRMAP_FOREACH_MODIFY(addressmap, address, addressmap_entry_t *, ent) { - /* XXXX022 HEY! Shouldn't this look at ent->new_address? */ - if (ent->source == ADDRMAPSRC_TRACKEXIT && !strcmpend(address, suffix)) { + if (ent->source == ADDRMAPSRC_TRACKEXIT && + !strcmpend(ent->new_address, suffix)) { addressmap_ent_remove(address, ent); MAP_DEL_CURRENT(address); }

1 0

[tor/release-0.2.2] Revert "If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port."
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit a6cc15e2aedfc370fc0328edd375a869338ee4f1 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Sat Mar 12 07:17:26 2011 -0800 Revert "If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port." This reverts commit 9a7098487b2c25f36112b3521758f42621dcd6af. Conflicts: ChangeLog (left unchanged by this commit) --- src/or/routerlist.c | 10 ++-------- 1 files changed, 2 insertions(+), 8 deletions(-) diff --git a/src/or/routerlist.c b/src/or/routerlist.c index fb8fb88..5e9c82a 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -5335,7 +5335,6 @@ hid_serv_get_responsible_directories(smartlist_t *responsible_dirs, { int start, found, n_added = 0, i; networkstatus_t *c = networkstatus_get_latest_consensus(); - int use_begindir = get_options()->TunnelDirConns; if (!c || !smartlist_len(c->routerstatus_list)) { log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 " "rendezvous operations."); @@ -5348,14 +5347,9 @@ hid_serv_get_responsible_directories(smartlist_t *responsible_dirs, do { routerstatus_t *r = smartlist_get(c->routerstatus_list, i); if (r->is_hs_dir) { - if (r->dir_port || use_begindir) - smartlist_add(responsible_dirs, r); - else - log_info(LD_REND, "Not adding router '%s' to list of responsible " - "hidden service directories, because we have no way of " - "reaching it.", r->nickname); + smartlist_add(responsible_dirs, r); if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS) - break; + return 0; } if (++i == smartlist_len(c->routerstatus_list)) i = 0;

1 0

[tor/release-0.2.2] Add changes file for previous commit
by nickm＠torproject.org 29 Apr '11

29 Apr '11

commit eb50e3d6bf6eb9880f92050cb0db849394bd6cb0 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Sat Mar 12 07:29:04 2011 -0800 Add changes file for previous commit --- changes/bug2722 | 11 +++++++++++ 1 files changed, 11 insertions(+), 0 deletions(-) diff --git a/changes/bug2722 b/changes/bug2722 new file mode 100644 index 0000000..ed132fc --- /dev/null +++ b/changes/bug2722 @@ -0,0 +1,11 @@ + o Minor bugfixes + - Ignore the TunnelDirConns option when determining which HSDir + relays are responsible for a hidden service descriptor ID. + Currently, clients and hidden services with TunnelDirConns off + will skip over HSDir relays which do not advertise a DirPort + when making a list of HSDirs responsible for a descriptor ID, + even though they would never try to use a HSDir's DirPort to + upload or fetch a hidden service descriptor. Fixes bug 2722; + bugfix on 0.2.1.6-alpha. + +

1 0