Browse Source

Introduce hs-v3 network file and temlate.

This is a chutney network with next generation hidden services.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
David Goulet 5 years ago
parent
commit
b96614275f

+ 16 - 0
networks/hs-v3

@@ -0,0 +1,16 @@
+# Next gen hidden services config
+
+# By default, Authorities are not configured as exits
+Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl")
+ExitRelay = Node(tag="r", relay=1, exit=1, torrc="relay.tmpl")
+Client = Node(tag="c", torrc="client.tmpl")
+HS = Node(tag="h", hs=1, torrc="hs-v3.tmpl")
+
+# We need 8 authorities/relays/exits to ensure at least 2 get the guard flag
+# in 0.2.6
+# We need 5 authorities/relays/exits to ensure we can build HS connections
+NODES = Authority.getN(3) + ExitRelay.getN(5) + \
+        Client.getN(1) + HS.getN(1)
+
+ConfigureNodes(NODES)
+

+ 18 - 0
networks/hs-v3-intro

@@ -0,0 +1,18 @@
+# By default, Authorities are not configured as exits
+Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl")
+NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl")
+Client = Node(tag="c", torrc="client.tmpl")
+HS10 = Node(tag="h", hs=1, torrc="hs-v3-10.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+# A hidden service with 10 intro points actually tries 12, then repurposes 2
+NODES = Authority.getN(2) + NonExitRelay.getN(10) + \
+        Client.getN(1) + HS10.getN(2)
+
+ConfigureNodes(NODES)

+ 17 - 0
networks/hs-v3-min

@@ -0,0 +1,17 @@
+# By default, Authorities are not configured as exits
+Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl")
+NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl")
+Client = Node(tag="c", torrc="client.tmpl")
+HS = Node(tag="h", hs=1, torrc="hs-v3.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority.getN(2) + NonExitRelay.getN(3) + \
+        Client.getN(1) + HS.getN(1)
+
+ConfigureNodes(NODES)

+ 2 - 0
torrc_templates/hs-v3-10.tmpl

@@ -0,0 +1,2 @@
+${include:hs-v3.tmpl}
+HiddenServiceNumIntroductionPoints 10

+ 2 - 0
torrc_templates/hs-v3.tmpl

@@ -0,0 +1,2 @@
+${include:hs.tmpl}
+HiddenServiceVersion 3

+ 3 - 0
torrc_templates/hs3-only-v6.tmpl

@@ -0,0 +1,3 @@
+${include:hs-v3.tmpl}
+# Hidden services are just another kind of client
+${include:client-only-v6.i}

+ 3 - 0
torrc_templates/hs3-use-v6.tmpl

@@ -0,0 +1,3 @@
+${include:hs-v3.tmpl}
+# Hidden services are just another kind of client
+${include:client-use-v6.i}

+ 6 - 0
torrc_templates/single-onion-v3-indirect.tmpl

@@ -0,0 +1,6 @@
+${include:single-onion-v3.tmpl}
+
+# Only allow direct connections to the first directory authority's ORPort
+# This checks that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points
+ReachableAddresses 127.0.0.1:5000

+ 3 - 0
torrc_templates/single-onion-v3-only-v6.tmpl

@@ -0,0 +1,3 @@
+${include:single-onion-v3.tmpl}
+# Onion services are just another kind of client
+${include:client-only-v6.i}

+ 3 - 0
torrc_templates/single-onion-v3-use-v6.tmpl

@@ -0,0 +1,3 @@
+${include:single-onion-v3.tmpl}
+# Onion services are just another kind of client
+${include:client-use-v6.i}

+ 2 - 0
torrc_templates/single-onion-v3.tmpl

@@ -0,0 +1,2 @@
+${include:single-onion.tmpl}
+${include:hs-v3.tmpl}