Hidden Services and IP address changes

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello everyone, I think I've found one or more bugs that appear when Tor clients hosting HSes change their IP address during operation. I'm slightly overwhelmed from reading the Tor source code and not sure how to best fix them. The central issue that I discovered can be reproduced like this (assuming Tor clients A, B and C): 1. (Setup) A hosts the HS X and A, B and C are all booted up. 2. B connects to X - it works! 3. A changes its IP address. 4. B tries to talk to X again - doesn't work! 5. C tries to talk to X (for the first time) - works like a charm (so X IS working) I digged through the Tor log and source code and have now arrived at following hypothesis for why this particular error happens: - - after A changes its IP addresses, it never establishes a circuit to the old RP with B again. - - B, on the other hand, keeps trying to talk with A through that RP, saying that it is an "Active rendezvous point". B never stops trying to use that RP. So, they appear to be two sides to this: a) A not notifying B or the RP about its IP address change. b) B not considering the possibility that the RP might not be active anymore. b) seems easier to fix. Some logic needs to be included for forgetting about RPs that have failed once. I identified connection_ap_expire_beginning() as one potential place to do this. Am I on the right track? Is this a good idea? And how do I forget about RPs? These are some of the questions I'm struggling with... I should also probably open a bug report, but I thought I might first ask for some advice here. Thanks, Martin PS: Why this is important: HSes/Onion services running on mobile devices will very often have to deal with IP address changes. I'm thinking about applications like Briar or our own hacky attempts to enable generic P2P application development on top of Tor hidden services (https://github.com/kit-tm/PTP). -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVXb5wAAoJEK5sDRyGnIFfbbYP/1gi6A/wZFhQfr6IRG4F1jBT c2/euGqiLG1rrqh5inTzrSIrHU0cm6FBxrtfB4egUO8+saVouhDrsgVQIF/y7nK0 f754Bcx9w3/a9hDK3L0iUtsYguMMTPOeWeCCdAxblYZWhKF3bxu9qwVsNqtVUUIm Oz1WLl4N++Pf9v09LRaDR7JaL9Ts7aJ3sEIWLjuntgEoS9sJaWmUjdVZZCjdWAOF S2FM6O1SE2V8xiMFjFOEmabWYUigrVZu2qk9/XpWeMDeNNIT57URZ2R0gKxjxLEl c5/+KawvSFGVKeoyTM+xys3UcO2IvnKxL43M2pocO5UX9TZv0iyrx1YRoTPEq3D5 HoOEX3Q0wlk6aJ3qqGFb2nNwr4n18k4IvdopCPkGvMBUuflcD77ug42k7TDEgXWD yJqBfxQE8l+p7QZ+kpHajdSmMtKzdjbYyuA4l1/FUskHQfX1fg2WyHQSdZR9Dxni GZJdnHOdN6f5T2lUVCuP4ZWlkHJ/HEPYWT7BOxRwyCbI6ViHZUIqJA8q1EPYGwP5 MOkSsx4diFS+RxAxb/vcudalOT8gIuszYsUImM1o2yzSpZ1faBuv1WCbdQ4qVcm8 XUrxSJCrX6qaY/ZxovWWnggYK9w2CgLDEHfeY39VRwLjDiOi85JWhGBvvtyGb84v WJvzKA4thqQ+JQEsR24+ =JxdI -----END PGP SIGNATURE-----

Martin Florian <florian@kit.edu> writes:
Hello everyone,
I think I've found one or more bugs that appear when Tor clients hosting HSes change their IP address during operation. I'm slightly overwhelmed from reading the Tor source code and not sure how to best fix them.
The central issue that I discovered can be reproduced like this (assuming Tor clients A, B and C): 1. (Setup) A hosts the HS X and A, B and C are all booted up. 2. B connects to X - it works! 3. A changes its IP address. 4. B tries to talk to X again - doesn't work! 5. C tries to talk to X (for the first time) - works like a charm (so X IS working)
I digged through the Tor log and source code and have now arrived at following hypothesis for why this particular error happens: - after A changes its IP addresses, it never establishes a circuit to the old RP with B again. - B, on the other hand, keeps trying to talk with A through that RP, saying that it is an "Active rendezvous point". B never stops trying to use that RP.
So, they appear to be two sides to this: a) A not notifying B or the RP about its IP address change. b) B not considering the possibility that the RP might not be active anymore.
b) seems easier to fix. Some logic needs to be included for forgetting about RPs that have failed once. I identified connection_ap_expire_beginning() as one potential place to do this. Am I on the right track? Is this a good idea? And how do I forget about RPs? These are some of the questions I'm struggling with...
Hello friend! I opened a trac ticket for this whole "hidden services on mobile phones don't work that well" issue. You can find it here: https://trac.torproject.org/projects/tor/ticket/16387
participants (2)
-
George Kadianakis
-
Martin Florian