[tor-bugs] #14828 [Tor]: Multiple hidden services can share a pk_digest/service_id.

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 9 18:25:19 UTC 2015


#14828: Multiple hidden services can share a pk_digest/service_id.
------------------------------------------+--------------------------------
 Reporter:  yawning                       |          Owner:
     Type:  defect                        |         Status:  new
 Priority:  normal                        |      Milestone:
Component:  Tor                           |        Version:  Tor:
 Keywords:  hidden-service, config, easy  |  unspecified
Parent ID:                                |  Actual Points:
                                          |         Points:
------------------------------------------+--------------------------------
 This may be a duplicate, it's past my bed time, so I don't have time to
 check.

 The current rendservice code's duplication check doesn't enforce
 uniqueness of `pk_digest` and `service_id`.  It probably should do so for
 both things, since I can't think of a reason why this would ever be well
 defined, or desirable behavior.

 The trivial fix would be to add a pair of checks to
 `rendservice.c:rend_service_load_keys(s)`, that log on LD_CONFIG, and
 return an error if a collision is detected.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14828>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list