[tor-commits] [chutney/master] Add a single onion service which can only reach one relay

teor at torproject.org teor at torproject.org
Wed Sep 14 02:05:09 UTC 2016 

commit d5807a07fe3d6f98fc15820aaa0158a51951a417
Author: teor <teor2345 at gmail.com>
Date:   Mon Sep 5 17:46:16 2016 +1000

    Add a single onion service which can only reach one relay
    
    This tests that single onion services fall back to multi-hop paths
    when the intro and rend points are unreachable.
---
 networks/single-onion-indirect             | 20 ++++++++++++++++++++
 torrc_templates/single-onion-indirect.tmpl |  6 ++++++
 2 files changed, 26 insertions(+)

diff --git a/networks/single-onion-indirect b/networks/single-onion-indirect
new file mode 100644
index 0000000..1c2a3ae
--- /dev/null
+++ b/networks/single-onion-indirect
@@ -0,0 +1,20 @@
+# Check that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points, by forcing it to connect
+# through only one guard
+# It should act exactly like a hidden service, except that it might make
+# direct connections to that one guard if that guard is also intro or rend
+
+# By default, Authorities are not configured as exits
+Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl")
+NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl")
+Client = Node(tag="c", torrc="client.tmpl")
+SingleOnionIndirect = Node(tag="h", hs=1, torrc="single-onion-indirect.tmpl")
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority.getN(2) + NonExitRelay.getN(3) + \
+        Client.getN(1) + SingleOnionIndirect.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/torrc_templates/single-onion-indirect.tmpl b/torrc_templates/single-onion-indirect.tmpl
new file mode 100644
index 0000000..58d812b
--- /dev/null
+++ b/torrc_templates/single-onion-indirect.tmpl
@@ -0,0 +1,6 @@
+${include:single-onion.tmpl}
+
+# Only allow direct connections to the first directory authority's ORPort
+# This checks that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points
+ReachableAddresses 127.0.0.1:5000

More information about the tor-commits mailing list