Anyone DNS Integration

[jim-toth]

No description provided.

[Copilot]

Pull request overview

This PR migrates hidden-service address handling from the legacy .anon suffix to .anyone, and adds an “Anyone DNS” mapping mechanism backed by an anyone_hosts file (including a signed-file format with signature verification).

Changes:

• Replace .anon/checksum prefix usages with .anyone across core HS logic, SOCKS resolve tooling, control messages, and tests.
• Introduce parsing + signature verification for signed anyone_hosts files and wire it into .anyone hostname resolution.
• Update defaults, docs, docker test assets/configs, and bump project version metadata.

Reviewed changes

Copilot reviewed 44 out of 46 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
src/tools/anon-resolve.c	Update resolver warnings/logic to recognize .anyone.
src/test/test_hs_service.c	Update HS service test vectors to .anyone.
src/test/test_hs_ob.c	Update OnionBalance config parsing tests for .anyone.
src/test/test_hs_control.c	Update HS control-port tests with new address vectors.
src/test/test_hs_common.c	Update hostname parsing tests; add anyone_hosts signature verification tests.
src/test/test_hs_client.c	Update client tests/comments for .anyone.
src/test/test_entryconn.c	Update automap/mapaddress tests to use .anyone.
src/test/test_crypto_rng.c	Update random-hostname suffix + length expectations for .anyone.
src/test/test_addr.c	Update virtaddr map persistence tests to .anyone.
src/test/hs_build_address.py	Update checksum prefix and packing to match .anyone checksum.
src/test/conf_examples/large_1/expected_no_dirauth	Update expected config output for AutomapHostsSuffixes.
src/test/conf_examples/large_1/expected	Update expected config output for AutomapHostsSuffixes.
src/test/conf_examples/large_1/anonrc	Update sample anonrc for AutomapHostsSuffixes.
src/feature/hs/hs_service.h	Update documentation comment to .anyone.
src/feature/hs/hs_service.c	Switch HS address TLD constant to anyone.
src/feature/hs/hs_ob.c	Update OnionBalance address parsing to require .anyone.
src/feature/hs/hs_descriptor.h	Update descriptor decode comments to .anyone.
src/feature/hs/hs_common.h	Change checksum prefix + suffix constants to .anyone.
src/feature/hs/hs_common.c	Update address-building documentation comments for new checksum prefix.
src/feature/hs/hs_client.c	Update log message suffix for .anyone.
src/feature/dirparse/parsecommon.h	Add new keywords for anyone_hosts signed-format parsing.
src/feature/dirparse/include.am	Add new anyone_hosts parser sources/headers to build.
src/feature/dirparse/anyone_hosts_parse.h	New API for parsing/verifying signed anyone_hosts files.
src/feature/dirparse/anyone_hosts_parse.c	Implement tokenization + ed25519 signature verification and signer allowlist check.
src/feature/control/control.c	Update internal comment to .anyone.
src/feature/control/control_fmt.c	Update formatting logic to append .anyone.
src/feature/control/control_cmd.c	Update doc comment to .anyone.
src/core/or/connection_edge.h	Update connection state comment to .anyone.
src/core/or/connection_edge.c	Integrate anyone_hosts verification into .anyone parsing and mapping lookup.
src/app/config/config.h	Update default DNS mapping list for anyone DNS services.
src/app/config/config.c	Default AutomapHostsSuffixes to .anyone,.exit; create anyone_hosts file at startup if missing.
docker/tests/default-dns-mappings	Add docker test fixture for default mapping set.
docker/tests/anyone_hosts-legacy	Add docker test fixture for legacy unsigned anyone_hosts format.
docker/tests/anyone_hosts	Add docker test fixture for signed anyone_hosts format.
docker/tests/anonrc-hs-dev	Add dev HS docker config.
docker/tests/anonrc-dev	Add dev docker config.
docker/README.md	Update docker documentation for environment selection.
docker/Dockerfile.local	Add local-source build dockerfile.
docker/Dockerfile.dev	Add developer-focused dockerfile with test tooling.
docker/config/anonrc-example	Fix header comment path.
doc/include.am	Include new anyone_hosts format documentation in distribution.
doc/anyone_hosts_format.txt	New spec doc for anyone_hosts legacy + signed formats and verification rules.
contrib/win32build/anon-mingw.nsi.in	Bump win32 installer version string.
configure.ac	Bump project version and approximate release date.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[jim-toth]

@copilot Let's add a configuration variable the user can control from anonrc and default it to 10MB

[Copilot]

@copilot Let's add a configuration variable the user can control from anonrc and default it to 10MB

Implemented in 620fba2. Added new anonrc option DNSMappingFileMaxSize (default 10 MB) and wired it into anyone_hosts loading. It’s now user-configurable, and setting it to 0 disables the limit.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• dl.google.com
  • Triggering command: /usr/lib/apt/methods/https /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)