commit 6785f0b65a106561a36239d89140bf18be3d7c6c Author: David Goulet dgoulet@ev0ke.net Date: Mon May 11 11:27:30 2015 -0400

HSDir flag now requires the Stable flag

Fixes #8243 --- changes/ticket8243 | 7 +++++++ src/or/dirserv.c | 6 ++++-- 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/changes/ticket8243 b/changes/ticket8243 new file mode 100644 index 0000000..8946a21 --- /dev/null +++ b/changes/ticket8243 @@ -0,0 +1,7 @@ + o Minor feature: + - The HSDir flag given by authorities now requires the Stable flag. For + the current network, this results in going from 2887 to 2806 HSDirs. + Also, it makes it harder for an attacker to launch a sybil attack by + raising the effort for a relay to become Stable which takes at the + very least 7 days to do so and by keeping the 96 hours uptime + requirement for HSDir. Implements ticket #8243. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index a024be8..65bfafb 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1278,8 +1278,9 @@ dirserv_thinks_router_is_unreliable(time_t now, }

/** Return true iff <b>router</b> should be assigned the "HSDir" flag. - * Right now this means it advertises support for it, it has a high - * uptime, it has a DirPort open, and it's currently considered Running. + * Right now this means it advertises support for it, it has a high uptime, + * it has a DirPort open, it has the Stable flag and it's currently + * considered Running. * * This function needs to be called after router->is_running has * been set. @@ -1306,6 +1307,7 @@ dirserv_thinks_router_is_hs_dir(const routerinfo_t *router, uptime = real_uptime(router, now);

return (router->wants_to_be_hs_dir && router->dir_port && + node->is_stable && uptime >= get_options()->MinUptimeHidServDirectoryV2 && router_is_active(router, node, now)); }