commit b8fe774cb5d2d4b5ecc6edc0c0b1c7f82e363a77
Author: teor teor2345@gmail.com
Date: Wed Sep 7 15:34:28 2016 +1000

Add a NonAnonymous flag to ADD_ONION in control-spec
Tor checks that the flag matches the onion service anonymity configured using OnionServiceSingleHopMode and OnionServiceNonAnonymousMode.
Tor refuses to create unflagged onion services using ADD_ONION, if they would be non-anonymous. The error is:
512 Tor is in non-anonymous onion mode
Similarly, if the NonAnonymous flag is present, and Tor has the default anonymous onion config:
512 Tor is in anonymous onion mode
---
control-spec.txt | 34 +++++++++++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/control-spec.txt b/control-spec.txt index 37c6484..82524bb 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -1456,8 +1456,11 @@ private key as part of the response. "Detach" / ; Do not associate the newly created Onion Service to the current control connection. - "BasicAuth" ; Client authorization is required using the "basic" + "BasicAuth" / ; Client authorization is required using the "basic" method. + "NonAnonymous"; Add a non-anonymous Single Onion Service. Tor + checks this flag matches its configured hidden + service anonymity mode.
VirtPort = The virtual TCP Port for the Onion Service (As in the HiddenServicePort "VIRTPORT" argument). @@ -1499,6 +1502,16 @@ "ClientBlob" is not specified for a client, a new credential will be randomly generated and returned.
+ Tor instances can either be in anonymous hidden service mode, or + non-anonymous single onion service mode. All hidden services on the same + tor instance have the same anonymity. To guard against unexpected loss + of anonymity, Tor checks that the ADD_ONION "NonAnonymous" flag matches + the current hidden service anonymity mode. The hidden service anonymity + mode is configured using the Tor options HiddenServiceSingleHopMode and + HiddenServiceNonAnonymousMode. If both these options are 1, the + "NonAnonymous" flag must be provided to ADD_ONION. If both these options + are 0 (the Tor default), the flag must NOT be provided. + Once created the new Onion Service will remain active until either the Onion Service is removed via "DEL_ONION", the server terminates, or the control connection that originated the "ADD_ONION" command is closed. @@ -1533,8 +1546,27 @@ S: 250-ClientAuth=bob:[Blob Redacted] S: 250 OK
+ Examples with Tor in anonymous onion service mode: + + C: ADD_ONION NEW:BEST Flags=DiscardPK Port=22 + S: 250-ServiceID=testonion1234567 + S: 250 OK + + C: ADD_ONION NEW:BEST Flags=DiscardPK,NonAnonymous Port=22 + S: 512 Tor is in anonymous hidden service mode + + Examples with Tor in non-anonymous onion service mode: + + C: ADD_ONION NEW:BEST Flags=DiscardPK Port=22 + S: 512 Tor is in non-anonymous hidden service mode + + C: ADD_ONION NEW:BEST Flags=DiscardPK,NonAnonymous Port=22 + S: 250-ServiceID=testonion1234567 + S: 250 OK + [ADD_ONION was added in Tor 0.2.7.1-alpha.] [ClientAuth was added in Tor 0.2.9.1-alpha.] + [NonAnonymous was added in Tor 0.2.9.3-alpha.]
3.28. DEL_ONION
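Review bot: In the Flags list (hunk at -1456), the new entry is written as "NonAnonymous"; with no space before the semicolon, while the "Detach" / ; and "BasicAuth" / ; entries above it separate the token from the comment. Suggest "NonAnonymous" ; to match. The description also calls the result a "Single Onion Service" but refers to the "hidden service anonymity mode"; using one term throughout the entry would read more clearly.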
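Review bot: In the new paragraph (hunk at -1499), the options are named HiddenServiceSingleHopMode and HiddenServiceNonAnonymousMode, but the commit message names them OnionServiceSingleHopMode and OnionServiceNonAnonymousMode; one of the two needs correcting so the spec matches the actual option names. The paragraph also covers only "both these options are 1" and "both these options are 0", so it should say what ADD_ONION does when the two options differ, and it would help to state here that a mismatch is answered with a 512 reply, since this text is the safeguard against unexpected loss of anonymity.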
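Review bot: In the added examples (hunk at -1533), the error replies read "512 Tor is in anonymous hidden service mode" and "512 Tor is in non-anonymous hidden service mode", while the commit message gives them as "512 Tor is in anonymous onion mode" and "512 Tor is in non-anonymous onion mode". Controller authors will copy these strings, so the examples should quote the exact text Tor sends. The example headings also say "onion service mode" where the replies say "hidden service mode"; align the terminology.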
tor-commits@lists.torproject.org