[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [chutney/master] Add a single onion service which can only reach one relay
commit d5807a07fe3d6f98fc15820aaa0158a51951a417
Author: teor <teor2345@xxxxxxxxx>
Date: Mon Sep 5 17:46:16 2016 +1000
Add a single onion service which can only reach one relay
This tests that single onion services fall back to multi-hop paths
when the intro and rend points are unreachable.
---
networks/single-onion-indirect | 20 ++++++++++++++++++++
torrc_templates/single-onion-indirect.tmpl | 6 ++++++
2 files changed, 26 insertions(+)
diff --git a/networks/single-onion-indirect b/networks/single-onion-indirect
new file mode 100644
index 0000000..1c2a3ae
--- /dev/null
+++ b/networks/single-onion-indirect
@@ -0,0 +1,20 @@
+# Check that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points, by forcing it to connect
+# through only one guard
+# It should act exactly like a hidden service, except that it might make
+# direct connections to that one guard if that guard is also intro or rend
+
+# By default, Authorities are not configured as exits
+Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl")
+NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl")
+Client = Node(tag="c", torrc="client.tmpl")
+SingleOnionIndirect = Node(tag="h", hs=1, torrc="single-onion-indirect.tmpl")
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority.getN(2) + NonExitRelay.getN(3) + \
+ Client.getN(1) + SingleOnionIndirect.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/torrc_templates/single-onion-indirect.tmpl b/torrc_templates/single-onion-indirect.tmpl
new file mode 100644
index 0000000..58d812b
--- /dev/null
+++ b/torrc_templates/single-onion-indirect.tmpl
@@ -0,0 +1,6 @@
+${include:single-onion.tmpl}
+
+# Only allow direct connections to the first directory authority's ORPort
+# This checks that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points
+ReachableAddresses 127.0.0.1:5000
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits