[tor-commits] [tor/maint-0.2.3] Warn when accounting is used in a way likely to link hidden services

nickm at torproject.org nickm at torproject.org
Tue Jul 31 14:29:05 UTC 2012


commit 2bd45213c991df62bf184758c5e8222685bda1ba
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Jul 30 11:58:55 2012 -0400

    Warn when accounting is used in a way likely to link hidden services
    
    Fix for 6490.
---
 changes/bug6490 |    4 ++++
 src/or/config.c |   29 +++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 0 deletions(-)

diff --git a/changes/bug6490 b/changes/bug6490
new file mode 100644
index 0000000..c92daad
--- /dev/null
+++ b/changes/bug6490
@@ -0,0 +1,4 @@
+  o Minor features:
+    - Warn when Tor is configured to use accounting in a way that will
+      link a hidden service to some other hidden service or public
+      address. Fix for bug 6490.
diff --git a/src/or/config.c b/src/or/config.c
index 918efd4..a369297 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -594,6 +594,7 @@ static void option_reset(const config_format_t *fmt, or_options_t *options,
                          const config_var_t *var, int use_defaults);
 static void config_free(const config_format_t *fmt, void *options);
 static int config_lines_eq(config_line_t *a, config_line_t *b);
+static int config_count_key(const config_line_t *a, const char *key);
 static int option_is_same(const config_format_t *fmt,
                           const or_options_t *o1, const or_options_t *o2,
                           const char *name);
@@ -3066,6 +3067,20 @@ config_lines_eq(config_line_t *a, config_line_t *b)
   return 1;
 }
 
+/** Return the number of lines in <b>a</b> whose key is <b>key</b>. */
+static int
+config_count_key(const config_line_t *a, const char *key)
+{
+  int n = 0;
+  while (a) {
+    if (!strcasecmp(a->key, key)) {
+      ++n;
+    }
+    a = a->next;
+  }
+  return n;
+}
+
 /** Return true iff the option <b>name</b> has the same value in <b>o1</b>
  * and <b>o2</b>.  Must not be called for LINELIST_S or OBSOLETE options.
  */
@@ -3848,6 +3863,20 @@ options_validate(or_options_t *old_options, or_options_t *options,
   if (accounting_parse_options(options, 1)<0)
     REJECT("Failed to parse accounting options. See logs for details.");
 
+  if (options->AccountingMax) {
+    if (options->RendConfigLines && server_mode(options)) {
+      log_warn(LD_CONFIG, "Using accounting with a hidden service and an "
+               "ORPort is risky: your hidden service(s) and your public "
+               "address will all turn off at the same time, which may alert "
+               "observers that they are being run by the same party.");
+    } else if (config_count_key(options->RendConfigLines,
+                                "HiddenServiceDir") > 1) {
+      log_warn(LD_CONFIG, "Using accounting with multiple hidden services is "
+               "risky: they will all turn off at the same time, which may "
+               "alert observers that they are being run by the same party.");
+    }
+  }
+
   if (options->HTTPProxy) { /* parse it now */
     if (tor_addr_port_lookup(options->HTTPProxy,
                         &options->HTTPProxyAddr, &options->HTTPProxyPort) < 0)





More information about the tor-commits mailing list