commit 1517a8a2ebeb645669531b53bad52879d6da39d2 Author: David Goulet dgoulet@torproject.org Date: Thu Aug 25 11:52:29 2016 -0400
Add EnableOnionServicesV3 consensus parameter
This parameter controls if onion services version 3 (first version of prop224) is enabled or not. If disabled, the tor daemon will not support the protocol for all components such as relay, directory, service and client. If the parameter is not found, it's enabled by default.
Closes #19899
Signed-off-by: David Goulet dgoulet@torproject.org Signed-off-by: George Kadianakis desnacked@riseup.net --- src/or/directory.c | 15 +++++++++++++++ src/or/hs_common.c | 15 +++++++++++++++ src/or/hs_common.h | 2 ++ 3 files changed, 32 insertions(+)
diff --git a/src/or/directory.c b/src/or/directory.c
index 29022fa..a3aa276 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3404,6 +3404,13 @@ handle_get_hs_descriptor_v3(dir_connection_t *conn,
 const char *pubkey_str = NULL;
 const char *url = args->url;
+ /* Don't serve v3 descriptors if next gen onion service is disabled. */
+ if (!hs_v3_protocol_is_enabled()) {
+ /* 404 is used for an unrecognized URL so send back the same. */
+ write_http_status_line(conn, 404, "Not found");
+ goto done;
+ }
+
 /* Reject unencrypted dir connections */
 if (!connection_dir_is_encrypted(conn)) {
 write_http_status_line(conn, 404, "Not found");
@@ -3620,6 +3627,14 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
 * the prop224 be deployed and thus use. */
 if (connection_dir_is_encrypted(conn) && !strcmpstart(url, "/tor/hs/")) {
 const char *msg = "HS descriptor stored successfully.";
+ /* Don't accept v3 and onward publish request if next gen onion service is
+ * disabled. */
+ if (!hs_v3_protocol_is_enabled()) {
+ /* 404 is used for an unrecognized URL so send back the same. */
+ write_http_status_line(conn, 404, "Not found");
+ goto done;
+ }
+
 /* We most probably have a publish request for an HS descriptor. */
 int code = handle_post_hs_descriptor(url, body);
 if (code != 200) {
diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index c78af53..448bf5b 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -11,6 +11,8 @@
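Review bot: The disabled-protocol guard added in `handle_get_hs_descriptor_v3` is repeated line for line in the `directory_handle_command_post` hunk at `@@ -3620,6 +3627,14 @@`, and both copies refuse the request without logging anything. A small static helper in directory.c that writes the 404 and reports whether it did so would keep the two paths from drifting apart. An info-level line such as `log_info(LD_DIR, "Onion services v3 disabled by consensus; refusing request.");` would let an operator tell this refusal from the unencrypted-connection 404 that follows it. Both function bodies and the `done` label lie outside the hunks, so the cleanup path taken by `goto done` could not be checked here.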
#include "or.h"
+#include "config.h"
+#include "networkstatus.h"
 #include "hs_common.h"
 #include "rendcommon.h"
@@ -263,3 +265,16 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out)
 }
 }
+/* Return true iff the Onion Services protocol version 3 is enabled. This only
+ * considers the consensus parameter. If the parameter is not found, the
+ * default is that it's enabled. */
+int
+hs_v3_protocol_is_enabled(void)
+{
+ /* This consensus param controls if the the onion services version 3 is
+ * enabled or not which is the first version of the next generation
+ * (proposal 224). If this option is set to 0, the tor daemon won't support
+ * the protocol as either a relay, directory, service or client. By default,
+ * it's enabled if the parameter is not found. */
+ return networkstatus_get_param(NULL, "EnableOnionServicesV3", 1, 0, 1);
+}
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index 1d3a15d..2502f35 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -33,5 +33,7 @@ const char *rend_data_get_desc_id(const rend_data_t *rend_data,
 const uint8_t *rend_data_get_pk_digest(const rend_data_t *rend_data,
 size_t *len_out);
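Review bot: The comment inside `hs_v3_protocol_is_enabled()` says that with the parameter at 0 the daemon won't support the protocol as a relay, directory, service or client, but in this commit only the two directory handlers in src/or/directory.c call the function. I would narrow it to what is enforced today, e.g. `/* Currently consulted only by the directory GET/POST handlers; relay, service and client paths must add their own check. */`. The header comment could also state that passing NULL makes the lookup use whatever consensus the daemon currently holds, so a daemon without one presumably treats v3 as enabled; that fail-open default matters for a switch meant to turn a protocol off network-wide. The diffstat lists no test file, so a unit test covering the 0 and missing-parameter cases would pin the default.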
+int hs_v3_protocol_is_enabled(void);
+
 #endif /* TOR_HS_COMMON_H */