From fd2954d06d2e9b8b0d33bcd0a2e3dfb947ff662e Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 18 Sep 2013 11:09:34 -0400 Subject: Round down hidden service descriptor publication times to nearest hour Implements part of proposal 222. We can do this safely, since REND_CACHE_MAX_SKEW is 24 hours. --- changes/no_client_timestamps_024 | 2 ++ src/or/rendservice.c | 1 + 2 files changed, 3 insertions(+) diff --git a/changes/no_client_timestamps_024 b/changes/no_client_timestamps_024 index 9ded8b3d9..488630fb3 100644 --- a/changes/no_client_timestamps_024 +++ b/changes/no_client_timestamps_024 @@ -10,3 +10,5 @@ - Stop sending timestamps in AUTHENTICATE cells. This is not such a big deal from a security point of view, but it achieves no actual good purpose, and isn't needed. Implements part of proposal 222. + - Reduce down accuracy of timestamps in hidden service descriptors. + Implements part of proposal 222. diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 00bca17d4..8a4a11e47 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -593,6 +593,7 @@ rend_service_update_descriptor(rend_service_t *service) d = service->desc = tor_malloc_zero(sizeof(rend_service_descriptor_t)); d->pk = crypto_pk_dup_key(service->private_key); d->timestamp = time(NULL); + d->timestamp -= d->timestamp % 3600; /* Round down to nearest hour */ d->intro_nodes = smartlist_new(); /* Support intro protocols 2 and 3. */ d->protocols = (1 << 2) + (1 << 3); -- cgit v1.2.3