commit 50f64ea0a1a03d50928774d9fb855cedccb1c60a Author: teor teor2345@gmail.com Date: Tue Sep 12 17:02:29 2017 +1000
Add additional networks with v3 Onion Services
These networks are part of tor's 22437, which adds v3 onion service support to make test-network-all. --- networks/hs-v2-min | 19 +++++++++++++++++++ networks/hs-v23-ipv6 | 26 ++++++++++++++++++++++++++ networks/hs-v23-min | 18 ++++++++++++++++++ networks/hs-v3-ipv6 | 25 +++++++++++++++++++++++++ networks/mixed+hs-v2 | 21 +++++++++++++++++++++ networks/mixed+hs-v23 | 24 ++++++++++++++++++++++++ networks/mixed+hs-v3 | 21 +++++++++++++++++++++ networks/single-onion-v23 | 18 ++++++++++++++++++ networks/single-onion-v23-ipv6 | 27 +++++++++++++++++++++++++++ networks/single-onion-v3 | 17 +++++++++++++++++ networks/single-onion-v3-ipv6 | 25 +++++++++++++++++++++++++ 11 files changed, 241 insertions(+)
diff --git a/networks/hs-v2-min b/networks/hs-v2-min new file mode 100644 index 0000000..fb68be8 --- /dev/null +++ b/networks/hs-v2-min @@ -0,0 +1,19 @@ +# Identical to hs-min, but called hs-v2-min so failures are easier to diagnose + +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +HS = Node(tag="h", hs=1, torrc="hs.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority.getN(2) + NonExitRelay.getN(3) + \ + Client.getN(1) + HS.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/hs-v23-ipv6 b/networks/hs-v23-ipv6 new file mode 100644 index 0000000..b95123c --- /dev/null +++ b/networks/hs-v23-ipv6 @@ -0,0 +1,26 @@ +import os +# By default, Authorities are not configured as exits +Authority6 = Node(tag="a", authority=1, relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="authority-orport-v6.tmpl") +NonExitRelay6 = Node(tag="r", relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="relay-orport-v6-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +Client6 = Node(tag="c", torrc="client-only-v6.tmpl") +HSv2IPv6 = Node(tag="h", hs=1, torrc="hs-only-v6.tmpl") +HSv3IPv6 = Node(tag="h", hs=1, torrc="hs3-only-v6.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \ + Client.getN(1) + Client6.getN(1) + HSv2IPv6.getN(1) + HSv3IPv6.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/hs-v23-min b/networks/hs-v23-min new file mode 100644 index 0000000..91338e8 --- /dev/null +++ b/networks/hs-v23-min @@ -0,0 +1,18 @@ +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +HSv2 = Node(tag="h", hs=1, torrc="hs.tmpl") +HSv3 = Node(tag="h", hs=1, torrc="hs-v3.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority.getN(2) + NonExitRelay.getN(3) + \ + Client.getN(1) + HSv2.getN(1) + HSv3.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/hs-v3-ipv6 b/networks/hs-v3-ipv6 new file mode 100644 index 0000000..e606e53 --- /dev/null +++ b/networks/hs-v3-ipv6 @@ -0,0 +1,25 @@ +import os +# By default, Authorities are not configured as exits +Authority6 = Node(tag="a", authority=1, relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="authority-orport-v6.tmpl") +NonExitRelay6 = Node(tag="r", relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="relay-orport-v6-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +Client6 = Node(tag="c", torrc="client-only-v6.tmpl") +HS6 = Node(tag="h", hs=1, torrc="hs3-only-v6.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \ + Client.getN(1) + Client6.getN(1) + HS6.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/mixed+hs-v2 b/networks/mixed+hs-v2 new file mode 100644 index 0000000..5afafde --- /dev/null +++ b/networks/mixed+hs-v2 @@ -0,0 +1,21 @@ +OLD_TOR="tor-stable" +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +OldAuthority = Node(tag="aOLD", authority=1, relay=1, torrc="authority.tmpl", + tor=OLD_TOR) +Relay = Node(tag="r", relay=1, exit=1, torrc="relay.tmpl") +OldRelay = Node(tag="rOLD", relay=1, exit=1, torrc="relay.tmpl", + tor=OLD_TOR) +Client = Node(tag="c", torrc="client.tmpl") +OldClient = Node(tag="cOLD", torrc="client.tmpl", tor=OLD_TOR) +HSv2 = Node(tag="h", hs=1, torrc="hs.tmpl") +OldHSv2 = Node(tag="hOLD", hs=1, torrc="hs.tmpl", tor=OLD_TOR) + +# We need 8 authorities/relays/exits to ensure at least 2 get the guard flag +# in 0.2.6 +NODES = Authority.getN(2) + OldAuthority.getN(2) + \ + Relay.getN(2) + OldRelay.getN(2) + \ + Client.getN(1) + OldClient.getN(1) + \ + HSv2.getN(1) + OldHSv2.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/mixed+hs-v23 b/networks/mixed+hs-v23 new file mode 100644 index 0000000..ca4dd2f --- /dev/null +++ b/networks/mixed+hs-v23 @@ -0,0 +1,24 @@ +OLD_TOR="tor-stable" +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +OldAuthority = Node(tag="aOLD", authority=1, relay=1, torrc="authority.tmpl", + tor=OLD_TOR) +Relay = Node(tag="r", relay=1, exit=1, torrc="relay.tmpl") +OldRelay = Node(tag="rOLD", relay=1, exit=1, torrc="relay.tmpl", + tor=OLD_TOR) +Client = Node(tag="c", torrc="client.tmpl") +OldClient = Node(tag="cOLD", torrc="client.tmpl", tor=OLD_TOR) +HSv2 = Node(tag="h", hs=1, torrc="hs.tmpl") +OldHSv2 = Node(tag="hOLD", hs=1, torrc="hs.tmpl", tor=OLD_TOR) +# Old tor versions don't have HSv3 support yet +HSv3 = Node(tag="h", hs=1, torrc="hs-v3.tmpl") + +# We need 8 authorities/relays/exits to ensure at least 2 get the guard flag +# in 0.2.6 +NODES = Authority.getN(2) + OldAuthority.getN(2) + \ + Relay.getN(2) + OldRelay.getN(2) + \ + Client.getN(1) + OldClient.getN(1) + \ + HSv2.getN(1) + OldHSv2.getN(1) + \ + HSv3.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/mixed+hs-v3 b/networks/mixed+hs-v3 new file mode 100644 index 0000000..e9dcf5d --- /dev/null +++ b/networks/mixed+hs-v3 @@ -0,0 +1,21 @@ +OLD_TOR="tor-stable" +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +OldAuthority = Node(tag="aOLD", authority=1, relay=1, torrc="authority.tmpl", + tor=OLD_TOR) +Relay = Node(tag="r", relay=1, exit=1, torrc="relay.tmpl") +OldRelay = Node(tag="rOLD", relay=1, exit=1, torrc="relay.tmpl", + tor=OLD_TOR) +Client = Node(tag="c", torrc="client.tmpl") +OldClient = Node(tag="cOLD", torrc="client.tmpl", tor=OLD_TOR) +# Old tor versions don't have HSv3 support yet +HSv3 = Node(tag="h", hs=1, torrc="hs-v3.tmpl") + +# We need 8 authorities/relays/exits to ensure at least 2 get the guard flag +# in 0.2.6 +NODES = Authority.getN(2) + OldAuthority.getN(2) + \ + Relay.getN(2) + OldRelay.getN(2) + \ + Client.getN(1) + OldClient.getN(1) + \ + HSv3.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/single-onion-v23 b/networks/single-onion-v23 new file mode 100644 index 0000000..6816c94 --- /dev/null +++ b/networks/single-onion-v23 @@ -0,0 +1,18 @@ +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +SingleOnionv2 = Node(tag="h", hs=1, torrc="single-onion.tmpl") +SingleOnionv3 = Node(tag="h", hs=1, torrc="single-onion-v3.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority.getN(2) + NonExitRelay.getN(3) + \ + Client.getN(1) + SingleOnionv2.getN(1) + SingleOnionv3.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/single-onion-v23-ipv6 b/networks/single-onion-v23-ipv6 new file mode 100644 index 0000000..b88f867 --- /dev/null +++ b/networks/single-onion-v23-ipv6 @@ -0,0 +1,27 @@ +import os +# By default, Authorities are not configured as exits +Authority6 = Node(tag="a", authority=1, relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="authority-orport-v6.tmpl") +NonExitRelay6 = Node(tag="r", relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="relay-orport-v6-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +Client6 = Node(tag="c", torrc="client-only-v6.tmpl") +SingleOnionv2IPv6 = Node(tag="h", hs=1, torrc="single-onion-only-v6.tmpl") +SingleOnionv3IPv6 = Node(tag="h", hs=1, torrc="single-onion-v3-only-v6.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \ + Client.getN(1) + Client6.getN(1) + \ + SingleOnionv2IPv6.getN(1) + SingleOnionv3IPv6.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/single-onion-v3 b/networks/single-onion-v3 new file mode 100644 index 0000000..e282b80 --- /dev/null +++ b/networks/single-onion-v3 @@ -0,0 +1,17 @@ +# By default, Authorities are not configured as exits +Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl") +NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +SingleOnion = Node(tag="h", hs=1, torrc="single-onion-v3.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority.getN(2) + NonExitRelay.getN(3) + \ + Client.getN(1) + SingleOnion.getN(1) + +ConfigureNodes(NODES) diff --git a/networks/single-onion-v3-ipv6 b/networks/single-onion-v3-ipv6 new file mode 100644 index 0000000..9a8dd3a --- /dev/null +++ b/networks/single-onion-v3-ipv6 @@ -0,0 +1,25 @@ +import os +# By default, Authorities are not configured as exits +Authority6 = Node(tag="a", authority=1, relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="authority-orport-v6.tmpl") +NonExitRelay6 = Node(tag="r", relay=1, + ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6', + '[::1]'), + torrc="relay-orport-v6-non-exit.tmpl") +Client = Node(tag="c", torrc="client.tmpl") +Client6 = Node(tag="c", torrc="client-only-v6.tmpl") +SingleOnionv3IPv6 = Node(tag="h", hs=1, torrc="single-onion-v3-only-v6.tmpl") + +# Since only 25% of relays get the guard flag, +# TestingDirAuthVoteGuard * may need to be used in small networks + +# A hidden service needs 5 authorities/relays to ensure it can build HS +# connections: +# a minimum path length of 3, plus the client-nominated rendezvous point, +# plus a seperate introduction point +NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \ + Client.getN(1) + Client6.getN(1) + SingleOnionv3IPv6.getN(1) + +ConfigureNodes(NODES)