Increase HS desc cert lifetime.

We used to have a small HS desc cert lifetime but those certs can stick around for 36 hours if they get initialized in the beginning of overlap period. [warn] Bug: Non-fatal assertion !(hs_desc_encode_descriptor(desc->desc, &desc->signing_kp, &encoded_desc) < 0) failed in upload_descriptor_to_hsdir at src/or/hs_service.c:1886. Stack trace: (on Tor 0.3.2.0-alpha-dev b4a14555597fb9b3)

Increase HS desc cert lifetime.
827bd0e8 · George Kadianakis · Nick Mathewson · bd3213b1 · 827bd0e8
Commit 827bd0e8 authored 7 years ago by George Kadianakis Committed by Nick Mathewson 7 years ago
--- a/src/or/hs_descriptor.h
+++ b/src/or/hs_descriptor.h
@@ -31,7 +31,7 @@
 #define HS_DESC_MAX_LIFETIME (12 * 60 * 60)
 /* Lifetime of certificate in the descriptor. This defines the lifetime of the
 * descriptor signing key and the cross certification cert of that key. */
-#define HS_DESC_CERT_LIFETIME (24 * 60 * 60)
+#define HS_DESC_CERT_LIFETIME (36 * 60 * 60)
 /* Length of the salt needed for the encrypted section of a descriptor. */
 #define HS_DESC_ENCRYPTED_SALT_LEN 16
 /* Length of the secret input needed for the KDF construction which derives