
Reject TAP (rebased)

teor requested to merge reject-tap-v5 into master

(I've moved service opportunistic upgrades to ntor to #17178.)

  • Tor authorities, relays, and clients only use ntor, except for rare cases in the hidden service protocol.

  • Authorities, relays and clients specifically check that each descriptor has an ntor key.

  • Clients avoid downloading a descriptor if the relay version is too old to support ntor.

  • Client code never chooses nodes without ntor keys: they will not be selected during circuit-building, or as guards, or as directory mirrors, or as introduction or rendezvous points.

  • Circuit-building code assumes that all hops can use ntor, except for rare hidden service protocol cases.

  • Hidden service clients opportunistically upgrade to intro point ntor onion keys from relay descriptors. When the relay descriptor is not available, they fall back to the TAP key supplied by the protocol.

Fixes bug 19163; bugfix on 0.2.4.18-rc.
