Browse Source

Add a single onion service which can only reach one relay

This tests that single onion services fall back to multi-hop paths
when the intro and rend points are unreachable.
teor 6 years ago
parent
commit
d5807a07fe
2 changed files with 26 additions and 0 deletions
  1. 20 0
      networks/single-onion-indirect
  2. 6 0
      torrc_templates/single-onion-indirect.tmpl

+ 20 - 0
networks/single-onion-indirect

@@ -0,0 +1,20 @@
+# Check that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points, by forcing it to connect
+# through only one guard
+# It should act exactly like a hidden service, except that it might make
+# direct connections to that one guard if that guard is also intro or rend
+
+# By default, Authorities are not configured as exits
+Authority = Node(tag="a", authority=1, relay=1, torrc="authority.tmpl")
+NonExitRelay = Node(tag="r", relay=1, torrc="relay-non-exit.tmpl")
+Client = Node(tag="c", torrc="client.tmpl")
+SingleOnionIndirect = Node(tag="h", hs=1, torrc="single-onion-indirect.tmpl")
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority.getN(2) + NonExitRelay.getN(3) + \
+        Client.getN(1) + SingleOnionIndirect.getN(1)
+
+ConfigureNodes(NODES)

+ 6 - 0
torrc_templates/single-onion-indirect.tmpl

@@ -0,0 +1,6 @@
+${include:single-onion.tmpl}
+
+# Only allow direct connections to the first directory authority's ORPort
+# This checks that a single onion service makes 3-hop connections to
+# unreachable intro points and rend points
+ReachableAddresses 127.0.0.1:5000