
Max HS descriptor size is now 50kb and also consensus param.

George Kadianakis 7 years ago
commit
e1d7661412
4 changed files with 19 additions and 2 deletions
  1. 13 0
      src/or/hs_cache.c
  2. 2 0
      src/or/hs_cache.h
  3. 3 1
      src/or/hs_descriptor.c
  4. 1 1
      src/or/hs_descriptor.h

+ 13 - 0
src/or/hs_cache.c

@@ -15,6 +15,7 @@
 #include "config.h"
 #include "hs_common.h"
 #include "hs_descriptor.h"
+#include "networkstatus.h"
 #include "rendcache.h"
 
 /* Directory descriptor cache. Map indexed by blinded key. */
@@ -366,6 +367,18 @@ hs_cache_handle_oom(time_t now, size_t min_remove_bytes)
   return bytes_removed;
 }
 
+/**
+ * Return the maximum size of an HS descriptor we are willing to accept as an
+ * HSDir.
+ */
+unsigned int
+hs_cache_get_max_descriptor_size(void)
+{
+  return (unsigned) networkstatus_get_param(NULL,
+                                            "HSV3MaxDescriptorSize",
+                                            HS_DESC_MAX_LEN, 1, INT32_MAX);
+}
+
 /* Initialize the hidden service cache subsystem. */
 void
 hs_cache_init(void)
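Review bot: The clamp passed to networkstatus_get_param() in hs_cache_get_max_descriptor_size() is `1, INT32_MAX`, so a consensus value at the top of the range turns the size check into a no-op, and one at the bottom makes the `>=` test in hs_desc_decode_plaintext() refuse every non-empty descriptor. Because this limit bounds how much a relay will parse and cache per descriptor, I would keep a compiled-in floor and ceiling, e.g. `HS_DESC_MAX_LEN, HS_DESC_MIN_LEN_PLACEHOLDER, HS_DESC_HARD_MAX_LEN_PLACEHOLDER);` (both names are placeholders, not existing macros). The doc comment should also state the unit (bytes) and that the value comes from the `HSV3MaxDescriptorSize` consensus parameter, with `HS_DESC_MAX_LEN` as the default.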

+ 2 - 0
src/or/hs_cache.h

@@ -44,6 +44,8 @@ void hs_cache_free_all(void);
 void hs_cache_clean_as_dir(time_t now);
 size_t hs_cache_handle_oom(time_t now, size_t min_remove_bytes);
 
+unsigned int hs_cache_get_max_descriptor_size(void);
+
 /* Store and Lookup function. They are version agnostic that is depending on
  * the requested version of the descriptor, it will be re-routed to the
  * right function. */

+ 3 - 1
src/or/hs_descriptor.c

@@ -15,6 +15,7 @@
 #include "ed25519_cert.h" /* Trunnel interface. */
 #include "parsecommon.h"
 #include "rendcache.h"
+#include "hs_cache.h"
 #include "torcert.h" /* tor_cert_encode_ed22519() */
 
 /* Constant string value used for the descriptor format. */
@@ -1700,8 +1701,9 @@ hs_desc_decode_plaintext(const char *encoded,
   tor_assert(encoded);
   tor_assert(plaintext);
 
+  /* Check that descriptor is within size limits. */
   encoded_len = strlen(encoded);
-  if (encoded_len >= HS_DESC_MAX_LEN) {
+  if (encoded_len >= hs_cache_get_max_descriptor_size()) {
     log_warn(LD_REND, "Service descriptor is too big (%lu bytes)",
              (unsigned long) encoded_len);
     goto err;
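Review bot: The bound in hs_desc_decode_plaintext() now comes from hs_cache_get_max_descriptor_size(), whose doc comment describes it as the limit "as an HSDir", yet nothing in this hunk restricts the decode path to HSDirs, so the parameter presumably applies to every caller that decodes a descriptor; the comment should say which roles it covers. The comparison is `>=`, so a descriptor of exactly HSV3MaxDescriptorSize bytes is refused; either document the limit as exclusive, `/* Reject descriptors whose length reaches the limit (exclusive bound). */`, or use `>`. The function body starts and ends outside this hunk, so whether the input is bounded before `strlen(encoded)` walks it is not visible here.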

+ 1 - 1
src/or/hs_descriptor.h

@@ -54,7 +54,7 @@
   HS_DESC_ENCRYPTED_SALT_LEN + \
   HS_DESC_PLAINTEXT_PADDING_MULTIPLE + DIGEST256_LEN
 /* Maximum length in bytes of a full hidden service descriptor. */
-#define HS_DESC_MAX_LEN 32768 // XXX justify
+#define HS_DESC_MAX_LEN 50000 /* 50kb max size */
 /* The minimum amount of fields a descriptor should contain. The parsing of
  * the fields are version specific so the only required field, as a generic
  * view of a descriptor, is 1 that is the version field. */