relay: Skip warnings for single onion services

Single onion services are not secret, so there is no added risk from
using accounting or running a relay in the same instance.

Related to #40691

diff --git a/changes/ticket40691 b/changes/ticket40691
new file mode 100644 (file)
index 0000000..f1c518f
--- /dev/null
+++ b/changes/ticket40691
@@ -0,0 +1,3 @@
+  o Minor features (relay):
+    - Do not warn about configuration options that may expose a non-anonymous
+      onion service. Closes ticket 40691.

diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c
index 85ccfc18a7497b2e86cd7c2d1071e697f3699cee..aa9d48beac2e2d98cb65e73e071f7c49af5687c3 100644 (file)
--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -33,6 +33,7 @@
 #include "core/or/port_cfg_st.h"
 
 #include "feature/hibernate/hibernate.h"
+#include "feature/hs/hs_service.h"
 #include "feature/nodelist/nickname.h"
 #include "feature/stats/geoip_stats.h"
 #include "feature/stats/predict_ports.h"
@@ -942,7 +943,8 @@ options_validate_relay_accounting(const or_options_t *old_options,
   if (accounting_parse_options(options, 1)<0)
     REJECT("Failed to parse accounting options. See logs for details.");
 
-  if (options->AccountingMax) {
+  if (options->AccountingMax &&
+      !hs_service_non_anonymous_mode_enabled(options)) {
     if (options->RendConfigLines && server_mode(options)) {
       log_warn(LD_CONFIG, "Using accounting with a hidden service and an "
                "ORPort is risky: your hidden service(s) and your public "
@@ -1118,7 +1120,8 @@ options_validate_relay_mode(const or_options_t *old_options,
   if (BUG(!msg))
     return -1;
 
-  if (server_mode(options) && options->RendConfigLines)
+  if (server_mode(options) && options->RendConfigLines &&
+      !hs_service_non_anonymous_mode_enabled(options))
     log_warn(LD_CONFIG,
         "Tor is currently configured as a relay and a hidden service. "
         "That's not very secure: you should probably run your hidden service "