git.ipfire.org Git - thirdparty/tor.git/commit

author	David Goulet <dgoulet@torproject.org>
	Wed, 18 Dec 2024 15:24:28 +0000 (10:24 -0500)
committer	David Goulet <dgoulet@torproject.org>
	Wed, 18 Dec 2024 15:24:28 +0000 (10:24 -0500)
commit	b628ffeb6234c58d0921756b9a34ac601870f09a
tree	f718ae11af127490778617784c9e528da8357e87	tree
parent	08e872ef51be562dc5f7c59d6e46d7f6006b3dd7	commit \| diff

hs: Add downloaded counter to an HSDir cache entry

This adds a counter for the number of times a descriptor is downloaded from an
HSDir. Future commit will change the OOM subsystem to clean that cache based on
the lowest downloaded counts instead of time in cache.

In order to raise the bar even more for an attacker, the downloaded counter is
only marked when the directory request stream is closed. To pull this off, the
HS identifier on the directory connection is populated with the blinded key
requested (only on success). Finally, when the connection closes, we can then
lookup the cache entry with it and increment the counter.

Part of #40996

Signed-off-by: David Goulet <dgoulet@torproject.org>

src/feature/dircache/dircache.c		diff \| blob \| blame \| history
src/feature/dircommon/dir_connection_st.h		diff \| blob \| blame \| history
src/feature/dircommon/directory.c		diff \| blob \| blame \| history
src/feature/hs/hs_cache.c		diff \| blob \| blame \| history
src/feature/hs/hs_cache.h		diff \| blob \| blame \| history
src/feature/hs/hs_ident.c		diff \| blob \| blame \| history
src/feature/hs/hs_ident.h		diff \| blob \| blame \| history