Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hs: Don't overwrite DoS parameters on circuit with consensus params #2069

Open
wants to merge 1 commit into
base: maint-0.4.3
Choose a base branch
from
Open

hs: Don't overwrite DoS parameters on circuit with consensus params #2069

wants to merge 1 commit into from

Commits on Aug 19, 2020

  1. hs: Don't overwrite DoS parameters on circuit with consensus params 

    Turns out that the HS DoS defenses parameters were overwritten by the
consensus parameters everytime a new consensus would arrive.

This means that a service operator can still enable the defenses but as soon
as the intro point relay would get a new consensus, they would be overwritten.
And at this commit, the network is entirely disabling DoS defenses.

Fix this by introducing an "explicit" flag that indicate if the
ESTABLISH_INTRO cell DoS extension set those parameters or not. If set, avoid
using the consenus at once.

We are not bumping the protover HSIntro value for this because 0.4.2.x series
is EOL in 1 month and thus 0.4.3.x would be the only series with this bug. We
are confident that a backport and then upgrade path to the latest 0.4.4.x
stable coming up soon is enough to mitigate this problem in the coming months.

It avoids the upgrade path on the service side by keeping the requirement for
protover HSIntro=5.

Fixes #40109

Signed-off-by: David Goulet <[email protected]>
    @dgoulet-tor
    dgoulet-tor committed Aug 19, 2020
    Configuration menu
    Copy the full SHA
    f5c9f6d View commit details
    Browse the repository at this point in the history