Decide what options to disable with Single Onion Services
Tor2Web mode disables certain options because one-hop paths break them. Single Onion Services (all flavours) should do this as well.
We might also want to recommend setting DisablePredictedCircuits as well, as descriptor uploads are the only task that uses predicated circuits. (One-hop circuits aren't cannibalized or re-used for intro and rendezvous point connections.)
options_validate() currently disables LearnCircuitBuildTimeout and UseEntryGuards:
if (options->Tor2webMode && options->LearnCircuitBuildTimeout) {
/* LearnCircuitBuildTimeout and Tor2webMode are incompatible in
* two ways:
*
* - LearnCircuitBuildTimeout results in a low CBT, which
* Tor2webMode's use of one-hop rendezvous circuits lowers
* much further, producing *far* too many timeouts.
*
* - The adaptive CBT code does not update its timeout estimate
* using build times for single-hop circuits.
*
* If we fix both of these issues someday, we should test
* Tor2webMode with LearnCircuitBuildTimeout on again. */
log_notice(LD_CONFIG,"Tor2webMode is enabled; turning "
"LearnCircuitBuildTimeout off.");
options->LearnCircuitBuildTimeout = 0;
}
if (options->Tor2webMode && options->UseEntryGuards) {
/* tor2web mode clients do not (and should not) use entry guards
* in any meaningful way. Further, tor2web mode causes the hidden
* service client code to do things which break the path bias
* detector, and it's far easier to turn off entry guards (and
* thus the path bias detector with it) than to figure out how to
* make a piece of code which cannot possibly help tor2web mode
* users compatible with tor2web mode.
*/
log_notice(LD_CONFIG,
"Tor2WebMode is enabled; disabling UseEntryGuards.");
options->UseEntryGuards = 0;
}