tor: enable PoW defenses for automatically created hidden services

Enable PoW defenses [1] for hidden services that we create via Tor Control using the `ADD_ONION` command [2]. The ability to do that has been added in tor-0.4.9.2-alpha [3]. Previous versions return a syntax error to the `ADD_ONION` command with `PoWDefensesEnabled=1`, so the approach here is to try with PoW and if we get syntax error, then retry without PoW. [1] https://tpo.pages.torproject.net/onion-services/ecosystem/technology/security/pow/ [2] https://spec.torproject.org/control-spec/commands.html#add_onion [3] 02c1804446
2026-04-26 14:59:16 +02:00 · 2025-09-15 15:44:03 +02:00
parent fb993f7604
commit 4c6798a3d3
3 changed files with 31 additions and 7 deletions
--- a/src/test/fuzz/torcontrol.cpp
+++ b/src/test/fuzz/torcontrol.cpp
@@ -54,6 +54,9 @@ FUZZ_TARGET(torcontrol, .init = initialize_torcontrol)
            [&] {
                tor_control_reply.code = TOR_REPLY_UNRECOGNIZED;
            },
+            [&] {
+                tor_control_reply.code = TOR_REPLY_SYNTAX_ERROR;
+            },
            [&] {
                tor_control_reply.code = fuzzed_data_provider.ConsumeIntegral<int>();
            });
@@ -65,7 +68,10 @@ FUZZ_TARGET(torcontrol, .init = initialize_torcontrol)
        CallOneOf(
            fuzzed_data_provider,
            [&] {
-                tor_controller.add_onion_cb(dummy_tor_control_connection, tor_control_reply);
+                tor_controller.add_onion_cb(dummy_tor_control_connection, tor_control_reply, /*pow_was_enabled=*/true);
+            },
+            [&] {
+                tor_controller.add_onion_cb(dummy_tor_control_connection, tor_control_reply, /*pow_was_enabled=*/false);
            },
            [&] {
                tor_controller.auth_cb(dummy_tor_control_connection, tor_control_reply);